Interstage Application Server Unspecified Cross Site Scripting Vulnerability
BID:23020
Info
Interstage Application Server Unspecified Cross Site Scripting Vulnerability
| Bugtraq ID: | 23020 |
| Class: | Input Validation Error |
| CVE: |
CVE-2007-0537 CVE-2007-0478 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 19 2007 12:00AM |
| Updated: | Mar 19 2007 08:14PM |
| Credit: | Daiki Fukumori is credited with the discovery of this vulnerability. |
| Vulnerable: |
Fujitsu INTERSTAGE Studio Standard-J Edition 8.0.1 Fujitsu INTERSTAGE Studio Enterprise Edition 8.0.1 Fujitsu INTERSTAGE Job Workload Server 8.1 Fujitsu INTERSTAGE Business Application Server Enterprise 8.0.0 Fujitsu INTERSTAGE Apworks Modelers-J Edition 7.0 Fujitsu INTERSTAGE Apworks Modelers-J Edition 6.0A Fujitsu INTERSTAGE Apworks Modelers-J Edition 6.0 Fujitsu iNTERSTAGE Application Server Web-J Edition 5.0 Fujitsu iNTERSTAGE Application Server Web-J Edition 4.0 Fujitsu INTERSTAGE Application Server Standard-J Edition 8.0.2 Fujitsu iNTERSTAGE Application Server Standard Edition 7.0 Fujitsu iNTERSTAGE Application Server Standard Edition 5.0 Fujitsu iNTERSTAGE Application Server Standard Edition 4.0 Fujitsu iNTERSTAGE Application Server Standard Edition 3.0 Fujitsu Interstage Application Server Plus 7.0 Fujitsu INTERSTAGE Application Server Enterprise Edition 8.0.2 Fujitsu INTERSTAGE Application Server Enterprise Edition 8.0 Fujitsu INTERSTAGE Application Server Enterprise Edition 7.0.1 Fujitsu INTERSTAGE Application Server Enterprise Edition 5.0.1 Fujitsu INTERSTAGE Application Server Enterprise Edition 7.0 Fujitsu INTERSTAGE Application Server Enterprise Edition 6.0 Fujitsu INTERSTAGE Application Server Enterprise Edition 5.0 Fujitsu INTERSTAGE Application Server Enterprise Edition 4.0 Fujitsu INTERSTAGE Application Server Enterprise Edition 3.0 |
| Not Vulnerable: | |
Discussion
Interstage Application Server Unspecified Cross Site Scripting Vulnerability
Interstage Application Server is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied data.
Exploiting this issue may help the attacker steal cookie-based authentication credentials and launch other attacks.
Interstage Application Server is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied data.
Exploiting this issue may help the attacker steal cookie-based authentication credentials and launch other attacks.
Exploit / POC
Interstage Application Server Unspecified Cross Site Scripting Vulnerability
An attacker can exploit this issue by enticing an unsuspecting victim to follow a malicious URI.
An attacker can exploit this issue by enticing an unsuspecting victim to follow a malicious URI.
Solution / Fix
Interstage Application Server Unspecified Cross Site Scripting Vulnerability
Solution:
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Interstage Application Server Unspecified Cross Site Scripting Vulnerability
References:
References: