Sun ONE and Sun Java System Applications Error Page Cross-Site Scripting Vulnerability

BID:18035

CVE-2006-2501

Info

Bugtraq ID: 18035
Class: Input Validation Error
CVE: CVE-2006-2501
Remote: Yes
Local: No
Published: May 19 2006 12:00AM
Updated: May 19 2006 05:58PM
Credit: These issues were disclosed by the vendor.
Vulnerable: Sun ONE Web Server 6.0 SP9
Sun ONE Web Server 6.0 SP8
Sun ONE Web Server 6.0 SP7
Sun ONE Web Server 6.0 SP6
Sun ONE Web Server 6.0 SP5
Sun ONE Web Server 6.0 SP4
Sun ONE Web Server 6.0 SP3
Sun ONE Web Server 6.0 SP2
Sun ONE Web Server 6.0 SP1
Sun ONE Web Server 6.0
Sun ONE Web Server 4.1 SP9
Sun ONE Web Server 4.1 SP8
Sun ONE Web Server 4.1 SP7
Sun ONE Web Server 4.1 SP6
Sun ONE Web Server 4.1 SP5
Sun ONE Web Server 4.1 SP4
Sun ONE Web Server 4.1 SP3
Sun ONE Web Server 4.1 SP2
Sun ONE Web Server 4.1 SP14
Sun ONE Web Server 4.1 SP13
Sun ONE Web Server 4.1 SP12
Sun ONE Web Server 4.1 SP11
Sun ONE Web Server 4.1 SP10
Sun ONE Web Server 4.1 SP1
Sun ONE Web Server 4.1
Sun ONE Application Server 7.0 UR6 Standard Edition
Sun ONE Application Server 7.0 UR6 Platform Edition
Sun ONE Application Server 7.0 UR2 Upgrade Standard
Sun ONE Application Server 7.0 UR2 Upgrade Platform
Sun ONE Application Server 7.0 UR2 Standard Edition
Sun ONE Application Server 7.0 UR2 Platform Edition
Sun ONE Application Server 7.0 UR1 Standard Edition
Sun ONE Application Server 7.0 UR1 Platform Edition
Sun ONE Application Server 7.0 Standard Edition
Sun ONE Application Server 7.0 Platform Edition
Sun ONE Application Server 6.5 SP1 MU7
Sun ONE Application Server 6.5 SP1 MU6
Sun ONE Application Server 6.5 SP1 MU5
Sun ONE Application Server 6.5 SP1 MU4
Sun ONE Application Server 6.5 SP1 MU3
Sun ONE Application Server 6.5 SP1 MU2
Sun ONE Application Server 6.5 SP1 MU1
Sun ONE Application Server 6.5 SP1
Sun ONE Application Server 6.5 MU3
Sun ONE Application Server 6.5 MU2
Sun ONE Application Server 6.5 MU1
Sun ONE Application Server 6.5
Sun ONE Application Server 6.0 SP4
Sun ONE Application Server 6.0 SP3
Sun ONE Application Server 6.0 SP2
Sun ONE Application Server 6.0 SP1
Sun ONE Application Server 6.0
Sun Java System Web Server 6.1 SP4
Sun Java System Web Server 6.1 SP3
Sun Java System Web Server 6.1 SP2
Sun Java System Web Server 6.1 SP1
Sun Java System Web Server 6.1
Sun Java System Web Server 6.0 SP8
Sun Java System Web Server 6.0 SP7
Sun Java System Web Server 6.0 SP6
Sun Java System Web Server 6.0 SP5
Sun Java System Web Server 6.0 SP4
Sun Java System Web Server 6.0 SP3
Sun Java System Web Server 6.0 SP2
Sun Java System Web Server 6.0 SP1
Sun Java System Web Server 6.0
Sun Java System Application Server 7.0 UR7 Standard Edition
Sun Java System Application Server 7.0 UR7 Platform Edition
Sun Java System Application Server 7.0 UR6 Standard Edition
Sun Java System Application Server 7.0 UR6 Platform Edition
Sun Java System Application Server 7.0 UR5 Standard Edition
Sun Java System Application Server 7.0 UR5 Platform Edition
Sun Java System Application Server 7.0 UR4
Sun Java System Application Server 7.0 2004Q2 R2 Standard
Sun Java System Application Server 7.0 2004Q2 R2 Enterprise
Sun Java System Application Server 7.0 2004Q2 R1 Standard
Sun Java System Application Server 7.0 2004Q2 R1 Enterprise
Sun Java System Application Server 7.0 Standard Edition
Sun Java System Application Server 7.0 Platform Edition
Sun Java System Application Server 7.0 Enterprise Edition
Sun Java System Application Server 7.0 2004Q2
Not Vulnerable: Sun ONE Web Server 6.0 SP10
Sun ONE Application Server 7.0 UR7 Standard Edition
Sun ONE Application Server 7.0 UR7 Platform Edition
Sun Java System Web Server 6.1 SP5
Sun Java System Application Server 7.0 2004Q2 R3 Standard
Sun Java System Application Server 7.0 2004Q2 R3 Enterprise

Discussion

Sun ONE and Sun Java System applications are prone to a cross-site scripting vulnerability. The issue arises because the applications fail to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Exploit / POC

This issue can be exploited through a web client.

Solution / Fix

Solution:
The vendor has released updates to address this issue.


Sun ONE Web Server 6.0 SP5

Sun ONE Web Server 6.0 SP9

Sun ONE Web Server 6.0 SP4

Sun ONE Web Server 6.0 SP7

Sun ONE Web Server 6.0 SP6

Sun ONE Web Server 6.0

Sun ONE Web Server 6.0 SP2

Sun ONE Web Server 6.0 SP3

Sun ONE Web Server 6.0 SP8

Sun ONE Web Server 6.0 SP1

Sun Java System Web Server 6.1 SP4

Sun Java System Web Server 6.1 SP3

Sun Java System Web Server 6.1 SP1

Sun Java System Web Server 6.1 SP2

Sun Java System Web Server 6.1

Sun ONE Application Server 7.0 UR1 Platform Edition

Sun ONE Application Server 7.0 UR2 Standard Edition

Sun ONE Application Server 7.0 Standard Edition

Sun Java System Application Server 7.0 2004Q2 R2 Standard

Sun Java System Application Server 7.0 2004Q2 R2 Enterprise

Sun ONE Application Server 7.0 UR6 Standard Edition

Sun ONE Application Server 7.0 Platform Edition

Sun ONE Application Server 7.0 UR2 Platform Edition

Sun Java System Application Server 7.0 2004Q2 R1 Enterprise

Sun ONE Application Server 7.0 UR6 Platform Edition

Sun Java System Application Server 7.0 2004Q2 R1 Standard

Sun ONE Application Server 7.0 UR2 Upgrade Platform

Sun ONE Application Server 7.0 UR2 Upgrade Standard

Sun ONE Application Server 7.0 UR1 Standard Edition
