VID 22093
Severity 30
Port 80, ...
Protocol TCP
Class Servlet
Detailed Description The Java Servlet container is vulnerable to a cross-site scripting attack.
The Java Servlet container does not filter embedded scripts from user-submitted links that are displayed on the server's websites. A malicious webmaster can exploit this vulnerability to cause JavaScript commands or embedded scripts to be executed by any user who clicks on the hyperlink. When the malicious hyperlink is clicked, it produces the standard error message for the web server, but it also runs the arbitrary code in the user's browser in the context of the server's domain.

The problem can result when either of the following occurs:

- Browser-submitted input is not properly validated before it is reused as part of a dynamically generated HTML page sent back to the browser.
- Web developers store browser-submitted input data that is used for generating a dynamic HTML page at some later time.

Vulnerable systems:
* Tomcat versions 3.2.1, 3.2.2-beta, 4.0-beta
* JRun versions 2.3.3 and 3.0
* WebSphere versions 3.5 FP2, 3.02 and VisualAge for Java 3.5 Professional
* Resin version 1.2.2

References:
http://www.iss.net/security_center/static/6793.php
http://www.kb.cert.org/vuls/id/654643
Recommendation JRun:
Update to the latest version of JRun from:
https://www.adobe.com/products/jrun/lownload/

WebSphere:
Install patch number PQ47386V302x. It can be downloaded from: http://www-4.ibm.com/software/webservers/appserv/efix.html

Workaround:
Customize the 404 error pages to include static information only.
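
The sketch below is an added illustration, not code from any of the listed products. It shows the error-page pattern described above (browser-submitted input reused in a generated page) next to an output-encoded version and the static-only workaround. The class name, method names and sample path are hypothetical.

```java
// Added illustration: a minimal stand-in for a container's 404 page generator.
// Class and method names are hypothetical, not taken from any listed product.
public class ErrorPageDemo {

    // Vulnerable pattern: the requested path is copied into the HTML unchanged.
    static String vulnerable404(String requestPath) {
        return "<html><body><h1>404 Not Found</h1><p>The requested resource "
             + requestPath + " was not found.</p></body></html>";
    }

    // Encode the characters that let text break out of HTML content or attributes.
    static String escapeHtml(String s) {
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Hardened pattern: same page, but the path is encoded before it is reused.
    static String encoded404(String requestPath) {
        return "<html><body><h1>404 Not Found</h1><p>The requested resource "
             + escapeHtml(requestPath) + " was not found.</p></body></html>";
    }

    // The advisory's workaround: the page contains static information only.
    static String static404() {
        return "<html><body><h1>404 Not Found</h1>"
             + "<p>The requested resource was not found.</p></body></html>";
    }

    public static void main(String[] args) {
        // Constructed sample input: a request path carrying markup.
        String path = "/<script>alert(document.domain)</script>.jsp";
        System.out.println("vulnerable: " + vulnerable404(path));
        System.out.println("encoded:    " + encoded404(path));
        System.out.println("static:     " + static404());
        System.out.println("markup survives in vulnerable page: "
            + vulnerable404(path).contains("<script>"));
        System.out.println("markup survives in encoded page:    "
            + encoded404(path).contains("<script>"));
    }
}
```

The static page is the only variant that does not depend on the encoder being applied at every place the path is reused.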
Related URL CVE-2001-1544 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)