Multiple SpringSource Products Multiple HTML Injection Vulnerabilities

Bugtraq ID:	38913
Class:	Input Validation Error
CVE:	CVE-2009-2907
Remote:	Yes
Local:	No
Published:	Mar 23 2010 12:00AM
Updated:	Mar 24 2010 02:52PM
Credit:	Aaron Kulick of CBS Interactive
Vulnerable:	SpringSource tc Server 6.0.20 .B SpringSource Hyperic HQ Open Source 0 SpringSource Hyperic HQ 4.1.2 SpringSource Hyperic HQ 4.0.3 SpringSource Hyperic HQ 4.2 pre-release SpringSource Application Management Suite 2.0 .SR3
Not Vulnerable:	SpringSource Hyperic HQ 4.1.2 .1 SpringSource Hyperic HQ 4.0.3 .2 SpringSource Hyperic HQ 4.2 SpringSource Application Management Suite 2.0 .SR4

Multiple SpringSource Products Multiple HTML Injection Vulnerabilities

Multiple SpringSource Products are prone to multiple HTML-injection vulnerabilities because they fail to sufficiently sanitize user-supplied data.

Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible.

The following are vulnerable:

Hyperic HQ 4.0 prior to 4.0.3.2
Hyperic HQ 4.1 prior to 4.1.2.1
Hyper HQ Open Source
Hyperic HQ 4.2 pre-release
tc Server 6.0.20.B and prior
AMS 2.0 prior to 2.0.0.SR4

Multiple SpringSource Products Multiple HTML Injection Vulnerabilities

Solution:
Updates are available; please see the references for more information.

Multiple SpringSource Products Multiple HTML Injection Vulnerabilities

References:

• 23 March 2010: CVE-2009-2907: Multiple XSS vulnerabilities (SpringSource)
  
• SpringSource Homepage (SpringSource)
  
• CVE-2009-2907: SpringSource Hyperic HQ multiple XSS vulnerabilities (s2-security )