Cross-Site Scripting Vulnerability in Sun Java System Access Manager
CVE-2009-2268

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Access Manager
Vendor: CVE Published:; 1 July 2009

What is CVE-2009-2268?

The Cross-Domain Controller (CDC) servlet in Sun Java System Access Manager has a Cross-Site Scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML into web pages. This vulnerability can be exploited through unspecified vectors, potentially compromising the security and integrity of web applications reliant on the affected versions of the software.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-21-...

x_refsource_CONFIRM

http://secunia.com/advisories/35651

third-party-advisoryx_refsource_SECUNIA

http://sunsolve.sun.com/search/document.do?assetkey=1-66-...

vendor-advisoryx_refsource_SUNALERT

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 1, 2009
Vulnerability Reserved
Jul 1, 2009

Oracle

What is CVE-2009-2268?

References

Timeline