Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0857

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2009-0857
Last Modified 17 Jun 2009 12:00:00
Published 09 Mar 2009 05:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0857

Summary

Cross-site scripting (XSS) vulnerability in /prm/reports in the Performance Reporting Module (PRM) for Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: this can be leveraged for access to the SunMC Web Console.

Vulnerable Systems

Application

  • Sun Management Center 3.6.1

  • Sun Management Center 4.0


References

XF - sunmc-performancereportingmodule-xss(49076)

VUPEN - ADV-2009-0605

BID - 33999

SUNALERT - 247046

CONFIRM - http://sunsolve.sun.com/search/document.do?assetkey=1-21-125191-04-1

SECTRACK - 1021809

SECUNIA - 34146


Last Updated: 27 May 2016 10:50:24