Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2008-5098
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-17 Nov, 2008 | 18:18
Updated At-30 Oct, 2018 | 16:26

Cross-site scripting (XSS) vulnerability in Sun Java System Messaging Server 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2007-2904.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
CPE Matches
Sun Microsystems (Oracle Corporation)
sun
>>java_system_messaging_server>>6.2
cpe:2.3:a:sun:java_system_messaging_server:6.2:-:sparc:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>java_system_messaging_server>>6.2
cpe:2.3:a:sun:java_system_messaging_server:6.2:-:x86:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>java_system_messaging_server>>6.3
cpe:2.3:a:sun:java_system_messaging_server:6.3:-:sparc:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>java_system_messaging_server>>6.3
cpe:2.3:a:sun:java_system_messaging_server:6.3:-:x86:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-79Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

http://sunsolve.sun.com/search/document.do?assetkey=1-26-242186-1 5. Resolution This issue is addressed in the following releases: SPARC Platform * Sun Java System Messaging Server 6.2 and 6.3 (for Solaris 9 and Solaris 10) with patch 120228-29 or later * Sun Java System Messaging Server 6.3 (64-bit Solaris) with patch 126479-10 or later x86 Platform * Sun Java System Messaging Server 6.2 and 6.3 (for Solaris 9 and Solaris 10) with patch 120229-29 or later * Sun Java System Messaging Server 6.3 (64-bit) with patch 126480-10 or later Linux Platform * Sun Java System Messaging Server 6.2 and 6.3 (for RHEL 3 and RHEL 4) with patch 120230-29 or later

Vendor Statements
References
HyperlinkSourceResource
http://osvdb.org/49836cve@mitre.org
N/A
http://secunia.com/advisories/32670cve@mitre.org
Vendor Advisory
http://securitytracker.com/id?1021223cve@mitre.org
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-242186-1cve@mitre.org
Patch
Vendor Advisory
http://www.securityfocus.com/bid/32285cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2008/3152cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/46583cve@mitre.org
N/A
Change History
0Changes found
Details not found