软件: Sun Java System Web Server (Sun ONE/iPlanet) 6.x
描述:
漏洞报告了Sun Java系统网络服务器,它可以被恶意人士进行跨网站脚本攻击。
未指定的输入传递给Sun Java系统网络服务器6.1反向代理插件是没有正确地过滤,然后返回给用户。这可以被用来执行任意HTML和脚本代码在用户的浏览器会在背景下,受影响网站。
安全建议:
Apply patches or update to Service Pack 11 or later.
https://cds.sun.com/is-bin/INTERSHOP….Ref=SJWS-6.1-SP11-OTH-G-F@CDS-CDS_SMI
— SPARC Platform —
Sun Java System Web Server 6.1:
Update to Service Pack 11, or apply patch 116648-23 or later.
— x86 Platform —
Sun Java System Web Server 6.1:
Update to Service Pack 11, or apply patch 116649-23 or later.
— Linux —
Sun Java System Web Server 6.1:
Update to Service Pack 11, or apply patch 118202-15 or later.
— Windows —
Sun Java System Web Server 6.1:
Update to Service Pack 11, or apply patch 121524-07 or later.
— HP-UX —
Sun Java System Web Server 6.1:
Update to Service Pack 11, or apply patch 121510-07 or later.
— AIX —
Sun Java System Web Server 6.1:
Update to Service Pack 11 or later.
0 条评论。