cve-2009-1934
Vulnerability from cvelistv5
Published
2009-06-05 15:25
Modified
2024-08-07 05:27
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error.
References
cve@mitre.orghttp://osvdb.org/54872
cve@mitre.orghttp://secunia.com/advisories/35338Vendor Advisory
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-21-116648-23-1Patch
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-66-259588-1Patch, Vendor Advisory
cve@mitre.orghttp://support.avaya.com/elmodocs2/security/ASA-2009-211.htm
cve@mitre.orghttp://www.securityfocus.com/bid/35204
cve@mitre.orghttp://www.securitytracker.com/id?1022334
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/1500
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/50951
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/54872
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35338Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-21-116648-23-1Patch
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-259588-1Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2009-211.htm
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/35204
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022334
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1500
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/50951
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:27:54.919Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "259588",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259588-1"
          },
          {
            "name": "35338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35338"
          },
          {
            "name": "35204",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35204"
          },
          {
            "name": "54872",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/54872"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-116648-23-1"
          },
          {
            "name": "ADV-2009-1500",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1500"
          },
          {
            "name": "1022334",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022334"
          },
          {
            "name": "jsws-reverseproxyplugin-xss(50951)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50951"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-211.htm"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-06-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "259588",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259588-1"
        },
        {
          "name": "35338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35338"
        },
        {
          "name": "35204",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35204"
        },
        {
          "name": "54872",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/54872"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-116648-23-1"
        },
        {
          "name": "ADV-2009-1500",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1500"
        },
        {
          "name": "1022334",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022334"
        },
        {
          "name": "jsws-reverseproxyplugin-xss(50951)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50951"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-211.htm"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1934",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "259588",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259588-1"
            },
            {
              "name": "35338",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35338"
            },
            {
              "name": "35204",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35204"
            },
            {
              "name": "54872",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/54872"
            },
            {
              "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-116648-23-1",
              "refsource": "CONFIRM",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-116648-23-1"
            },
            {
              "name": "ADV-2009-1500",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1500"
            },
            {
              "name": "1022334",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022334"
            },
            {
              "name": "jsws-reverseproxyplugin-xss(50951)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50951"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-211.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-211.htm"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-1934",
    "datePublished": "2009-06-05T15:25:00",
    "dateReserved": "2009-06-05T00:00:00",
    "dateUpdated": "2024-08-07T05:27:54.919Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp10:aix:*:*:*:*:*\", \"matchCriteriaId\": \"C432A6A6-E063-49F5-9784-0E34B5F843EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp4:aix:*:*:*:*:*\", \"matchCriteriaId\": \"389FD567-59F5-47C3-B000-E916357889DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp5:aix:*:*:*:*:*\", \"matchCriteriaId\": \"A58B50D0-CBEA-43D5-9537-E9418B13CDA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp6:aix:*:*:*:*:*\", \"matchCriteriaId\": \"131D4D0F-D73B-434A-845E-9788EE48915B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp7:aix:*:*:*:*:*\", \"matchCriteriaId\": \"698DCBEF-41C5-474E-BE60-0BC285A89B18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp8:aix:*:*:*:*:*\", \"matchCriteriaId\": \"D0518BE3-1E9A-4974-9805-E70CB95ADC40\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp9:aix:*:*:*:*:*\", \"matchCriteriaId\": \"A53CE597-7827-4BDD-A922-23829485A1E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:*:aix:*:*:*:*:*\", \"matchCriteriaId\": \"566250FE-D1E1-43CE-9255-99B8AC1FD0EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp1:aix:*:*:*:*:*\", \"matchCriteriaId\": \"9A6494E5-72D1-43E0-ABEE-16D23D167801\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp2:aix:*:*:*:*:*\", \"matchCriteriaId\": \"1AD96005-4158-4962-BD8E-3CED7CF3E900\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp3:aix:*:*:*:*:*\", \"matchCriteriaId\": \"725A8D67-7742-4BE2-AADE-E76BC880A9E3\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp10:hp_ux:*:*:*:*:*\", \"matchCriteriaId\": \"43511DA8-A07B-4927-9FB2-CF2429BC50C2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp4:hp_ux:*:*:*:*:*\", \"matchCriteriaId\": \"F84E3EFA-4013-4538-A32B-59B4EE874D4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp5:hp_ux:*:*:*:*:*\", \"matchCriteriaId\": \"2E956D83-8463-4A5C-9D7F-CED9A43E3C62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp6:hp_ux:*:*:*:*:*\", \"matchCriteriaId\": \"84E5E3A8-1938-4CB4-9673-196F4E6D37C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp7:hp_ux:*:*:*:*:*\", \"matchCriteriaId\": \"E2281A43-3C8D-470F-8F95-B63AA5F27BB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp8:hp_ux:*:*:*:*:*\", \"matchCriteriaId\": \"98952019-7F68-4A6B-810C-829A82A472E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp9:hp_ux:*:*:*:*:*\", \"matchCriteriaId\": \"4E3A50B8-050E-401E-8B7C-700B3B478FFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:*:hp_ux:*:*:*:*:*\", \"matchCriteriaId\": \"92F78B4D-89AC-4941-9E32-8FD21F3DC9C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp1:hp_ux:*:*:*:*:*\", \"matchCriteriaId\": \"B80D8913-987A-4316-BC53-16236B4356F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp2:hp_ux:*:*:*:*:*\", \"matchCriteriaId\": \"3E69834C-A381-4AC6-B42E-F19E199D5A93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp3:hp_ux:*:*:*:*:*\", \"matchCriteriaId\": \"57A273B7-CDB6-4F47-AFE3-3864DCC01E4A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp10:linux:*:*:*:*:*\", \"matchCriteriaId\": \"99520DA9-10F0-43E8-8A77-2FDA676922C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp4:linux:*:*:*:*:*\", \"matchCriteriaId\": \"5165C493-78EC-44FC-9401-4BC9BB4D857B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp5:linux:*:*:*:*:*\", \"matchCriteriaId\": \"7A4F803A-14B6-47FB-92C6-7E4BE435A2C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp6:linux:*:*:*:*:*\", \"matchCriteriaId\": \"7276CA8E-4DEC-4B84-8D3B-1F59AE192987\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp7:linux:*:*:*:*:*\", \"matchCriteriaId\": \"9CE812CB-48A5-44AB-AB92-420C1F9B8396\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp8:linux:*:*:*:*:*\", \"matchCriteriaId\": \"8C227B78-F34D-48B3-B150-EA91B6CA74FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp9:linux:*:*:*:*:*\", \"matchCriteriaId\": \"1004FBF0-AD2A-45A0-A4D7-E24EFC41A558\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:*:linux:*:*:*:*:*\", \"matchCriteriaId\": \"88A61895-37FC-462F-928D-65BF02A0676D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp1:linux:*:*:*:*:*\", \"matchCriteriaId\": \"DE360D60-0894-4E3F-AE2A-A135C4382D3C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp2:linux:*:*:*:*:*\", \"matchCriteriaId\": \"361DF0F9-1808-495E-8189-BFBC3AD082F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp3:linux:*:*:*:*:*\", \"matchCriteriaId\": \"2DD5222B-BFF5-4FFF-BD91-5B2CBDE14312\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp10:windows:*:*:*:*:*\", \"matchCriteriaId\": \"A7BDC9E6-87C4-4AE1-AEAD-518CCFF853E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp4:windows:*:*:*:*:*\", \"matchCriteriaId\": \"A018481B-EB48-4C4E-A1E4-324DCC437441\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp5:windows:*:*:*:*:*\", \"matchCriteriaId\": \"B0FEC983-91A6-4708-8308-B77B0FD2D9DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp6:windows:*:*:*:*:*\", \"matchCriteriaId\": \"431D609A-AA61-4C7C-8F4A-8B01DB2E32E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp7:windows:*:*:*:*:*\", \"matchCriteriaId\": \"37CBE122-47ED-4659-B15A-55FAF15BA63C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp8:windows:*:*:*:*:*\", \"matchCriteriaId\": \"E3866A08-0CFA-473D-BBE5-4736282A6446\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp9:windows:*:*:*:*:*\", \"matchCriteriaId\": \"4541C58C-45F1-4F17-82B9-E33BE693D8DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:*:windows:*:*:*:*:*\", \"matchCriteriaId\": \"3B3825DF-E190-4B15-8160-CAFACDDE7686\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp1:windows:*:*:*:*:*\", \"matchCriteriaId\": \"91B10E76-4D66-42B2-BC3B-86F158078CAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp2:windows:*:*:*:*:*\", \"matchCriteriaId\": \"D2311610-C676-4F41-8F64-224C074C8295\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp3:windows:*:*:*:*:*\", \"matchCriteriaId\": \"A3C45222-B840-446B-ADF3-08C09A8B52CE\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp10:sparc:*:*:*:*:*\", \"matchCriteriaId\": \"A280F4D8-13D9-407B-A5C7-E85D7E83A142\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp4:sparc:*:*:*:*:*\", \"matchCriteriaId\": \"348671B8-279F-426B-A00B-5948297EDFFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp5:sparc:*:*:*:*:*\", \"matchCriteriaId\": \"45088B1A-D4C7-4FA9-AE39-5B0D2941A8AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp6:sparc:*:*:*:*:*\", \"matchCriteriaId\": \"55BC4F3F-51D0-432A-96D5-65C7599F9832\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp7:sparc:*:*:*:*:*\", \"matchCriteriaId\": \"C434356D-DAB3-4B78-B1D2-AEB8EC69CE32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp8:sparc:*:*:*:*:*\", \"matchCriteriaId\": \"300FA553-5FE3-4036-B80B-C4806C865660\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp9:sparc:*:*:*:*:*\", \"matchCriteriaId\": \"D35923A0-BF2C-400F-BE43-A13B67E4ED89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:*:sparc:*:*:*:*:*\", \"matchCriteriaId\": \"4DB66630-4A2A-44F2-971C-3B353F687868\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp1:sparc:*:*:*:*:*\", \"matchCriteriaId\": \"CB79BECF-1413-438F-9741-CC3BE256E1C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp2:sparc:*:*:*:*:*\", \"matchCriteriaId\": \"ACAFC237-58BC-4CB1-948C-A2D9B3742809\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp3:sparc:*:*:*:*:*\", \"matchCriteriaId\": \"4B0293BA-6694-4FD0-93FE-7F674AA2A604\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp10:x86:*:*:*:*:*\", \"matchCriteriaId\": \"80CB7673-2A98-434B-99A3-24DB4686CDE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp4:x86:*:*:*:*:*\", \"matchCriteriaId\": \"6BBCB1B9-965D-41C9-81A4-A7470AE46D62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp48:x86:*:*:*:*:*\", \"matchCriteriaId\": \"B2F944E7-F894-42D8-8167-BCC2DEE10BC5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp5:x86:*:*:*:*:*\", \"matchCriteriaId\": \"09FB3270-1242-4EE9-86B7-7B841DEF2533\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp6:x86:*:*:*:*:*\", \"matchCriteriaId\": \"70901AC0-E2E5-4C8C-B903-105AF7528D6E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp7:x86:*:*:*:*:*\", \"matchCriteriaId\": \"440814EC-4215-4ACB-912F-DA75C5CD1AA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_web_server:6.1:sp9:x86:*:*:*:*:*\", \"matchCriteriaId\": \"17466643-0B26-4D65-B2FD-C958D906BE91\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:*:x86:*:*:*:*:*\", \"matchCriteriaId\": \"DF9C742B-C0C4-46D5-A7DA-025852069BE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp1:x86:*:*:*:*:*\", \"matchCriteriaId\": \"3378607F-5EF7-4C11-8254-6A44A03B8BC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp2:x86:*:*:*:*:*\", \"matchCriteriaId\": \"7ACFC436-5A5C-4E31-957F-ED5127ECDB02\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:one_web_server:6.1:sp3:x86:*:*:*:*:*\", \"matchCriteriaId\": \"D5E51FAA-1DD4-478F-B439-D344C33AE355\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de ejecuci\\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Reverse Proxy Plug-in en Sun Java System Web Server v6.1 anterior a SP11, permite a atacantes remotos la inyecci\\u00f3n de c\\u00f3digo web y HTML de su elecci\\u00f3n a trav\\u00e9s de una consulta de cadena en situaciones resultantes de un error \\\"502 Gateway\\\".\"}]",
      "id": "CVE-2009-1934",
      "lastModified": "2024-11-21T01:03:43.900",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2009-06-05T16:00:00.343",
      "references": "[{\"url\": \"http://osvdb.org/54872\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/35338\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-116648-23-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-66-259588-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2009-211.htm\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/35204\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1022334\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1500\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/50951\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://osvdb.org/54872\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/35338\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-116648-23-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-66-259588-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2009-211.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/35204\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1022334\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1500\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/50951\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-1934\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-06-05T16:00:00.343\",\"lastModified\":\"2024-11-21T01:03:43.900\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Reverse Proxy Plug-in en Sun Java System Web Server v6.1 anterior a SP11, permite a atacantes remotos la inyecci\u00f3n de c\u00f3digo web y HTML de su elecci\u00f3n a trav\u00e9s de una consulta de cadena en situaciones resultantes de un error \\\"502 Gateway\\\".\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp10:aix:*:*:*:*:*\",\"matchCriteriaId\":\"C432A6A6-E063-49F5-9784-0E34B5F843EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp4:aix:*:*:*:*:*\",\"matchCriteriaId\":\"389FD567-59F5-47C3-B000-E916357889DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp5:aix:*:*:*:*:*\",\"matchCriteriaId\":\"A58B50D0-CBEA-43D5-9537-E9418B13CDA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp6:aix:*:*:*:*:*\",\"matchCriteriaId\":\"131D4D0F-D73B-434A-845E-9788EE48915B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp7:aix:*:*:*:*:*\",\"matchCriteriaId\":\"698DCBEF-41C5-474E-BE60-0BC285A89B18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp8:aix:*:*:*:*:*\",\"matchCriteriaId\":\"D0518BE3-1E9A-4974-9805-E70CB95ADC40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp9:aix:*:*:*:*:*\",\"matchCriteriaId\":\"A53CE597-7827-4BDD-A922-23829485A1E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:*:aix:*:*:*:*:*\",\"matchCriteriaId\":\"566250FE-D1E1-43CE-9255-99B8AC1FD0EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp1:aix:*:*:*:*:*\",\"matchCriteriaId\":\"9A6494E5-72D1-43E0-ABEE-16D23D167801\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp2:aix:*:*:*:*:*\",\"matchCriteriaId\":\"1AD96005-4158-4962-BD8E-3CED7CF3E900\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp3:aix:*:*:*:*:*\",\"matchCriteriaId\":\"725A8D67-7742-4BE2-AADE-E76BC880A9E3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp10:hp_ux:*:*:*:*:*\",\"matchCriteriaId\":\"43511DA8-A07B-4927-9FB2-CF2429BC50C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp4:hp_ux:*:*:*:*:*\",\"matchCriteriaId\":\"F84E3EFA-4013-4538-A32B-59B4EE874D4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp5:hp_ux:*:*:*:*:*\",\"matchCriteriaId\":\"2E956D83-8463-4A5C-9D7F-CED9A43E3C62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp6:hp_ux:*:*:*:*:*\",\"matchCriteriaId\":\"84E5E3A8-1938-4CB4-9673-196F4E6D37C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp7:hp_ux:*:*:*:*:*\",\"matchCriteriaId\":\"E2281A43-3C8D-470F-8F95-B63AA5F27BB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp8:hp_ux:*:*:*:*:*\",\"matchCriteriaId\":\"98952019-7F68-4A6B-810C-829A82A472E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp9:hp_ux:*:*:*:*:*\",\"matchCriteriaId\":\"4E3A50B8-050E-401E-8B7C-700B3B478FFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:*:hp_ux:*:*:*:*:*\",\"matchCriteriaId\":\"92F78B4D-89AC-4941-9E32-8FD21F3DC9C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp1:hp_ux:*:*:*:*:*\",\"matchCriteriaId\":\"B80D8913-987A-4316-BC53-16236B4356F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp2:hp_ux:*:*:*:*:*\",\"matchCriteriaId\":\"3E69834C-A381-4AC6-B42E-F19E199D5A93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp3:hp_ux:*:*:*:*:*\",\"matchCriteriaId\":\"57A273B7-CDB6-4F47-AFE3-3864DCC01E4A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp10:linux:*:*:*:*:*\",\"matchCriteriaId\":\"99520DA9-10F0-43E8-8A77-2FDA676922C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp4:linux:*:*:*:*:*\",\"matchCriteriaId\":\"5165C493-78EC-44FC-9401-4BC9BB4D857B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp5:linux:*:*:*:*:*\",\"matchCriteriaId\":\"7A4F803A-14B6-47FB-92C6-7E4BE435A2C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp6:linux:*:*:*:*:*\",\"matchCriteriaId\":\"7276CA8E-4DEC-4B84-8D3B-1F59AE192987\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp7:linux:*:*:*:*:*\",\"matchCriteriaId\":\"9CE812CB-48A5-44AB-AB92-420C1F9B8396\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp8:linux:*:*:*:*:*\",\"matchCriteriaId\":\"8C227B78-F34D-48B3-B150-EA91B6CA74FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp9:linux:*:*:*:*:*\",\"matchCriteriaId\":\"1004FBF0-AD2A-45A0-A4D7-E24EFC41A558\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:*:linux:*:*:*:*:*\",\"matchCriteriaId\":\"88A61895-37FC-462F-928D-65BF02A0676D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp1:linux:*:*:*:*:*\",\"matchCriteriaId\":\"DE360D60-0894-4E3F-AE2A-A135C4382D3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp2:linux:*:*:*:*:*\",\"matchCriteriaId\":\"361DF0F9-1808-495E-8189-BFBC3AD082F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp3:linux:*:*:*:*:*\",\"matchCriteriaId\":\"2DD5222B-BFF5-4FFF-BD91-5B2CBDE14312\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp10:windows:*:*:*:*:*\",\"matchCriteriaId\":\"A7BDC9E6-87C4-4AE1-AEAD-518CCFF853E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp4:windows:*:*:*:*:*\",\"matchCriteriaId\":\"A018481B-EB48-4C4E-A1E4-324DCC437441\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp5:windows:*:*:*:*:*\",\"matchCriteriaId\":\"B0FEC983-91A6-4708-8308-B77B0FD2D9DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp6:windows:*:*:*:*:*\",\"matchCriteriaId\":\"431D609A-AA61-4C7C-8F4A-8B01DB2E32E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp7:windows:*:*:*:*:*\",\"matchCriteriaId\":\"37CBE122-47ED-4659-B15A-55FAF15BA63C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp8:windows:*:*:*:*:*\",\"matchCriteriaId\":\"E3866A08-0CFA-473D-BBE5-4736282A6446\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp9:windows:*:*:*:*:*\",\"matchCriteriaId\":\"4541C58C-45F1-4F17-82B9-E33BE693D8DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:*:windows:*:*:*:*:*\",\"matchCriteriaId\":\"3B3825DF-E190-4B15-8160-CAFACDDE7686\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp1:windows:*:*:*:*:*\",\"matchCriteriaId\":\"91B10E76-4D66-42B2-BC3B-86F158078CAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp2:windows:*:*:*:*:*\",\"matchCriteriaId\":\"D2311610-C676-4F41-8F64-224C074C8295\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp3:windows:*:*:*:*:*\",\"matchCriteriaId\":\"A3C45222-B840-446B-ADF3-08C09A8B52CE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp10:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"A280F4D8-13D9-407B-A5C7-E85D7E83A142\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp4:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"348671B8-279F-426B-A00B-5948297EDFFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp5:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"45088B1A-D4C7-4FA9-AE39-5B0D2941A8AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp6:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"55BC4F3F-51D0-432A-96D5-65C7599F9832\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp7:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"C434356D-DAB3-4B78-B1D2-AEB8EC69CE32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp8:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"300FA553-5FE3-4036-B80B-C4806C865660\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp9:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"D35923A0-BF2C-400F-BE43-A13B67E4ED89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"4DB66630-4A2A-44F2-971C-3B353F687868\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp1:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"CB79BECF-1413-438F-9741-CC3BE256E1C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp2:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"ACAFC237-58BC-4CB1-948C-A2D9B3742809\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp3:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"4B0293BA-6694-4FD0-93FE-7F674AA2A604\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp10:x86:*:*:*:*:*\",\"matchCriteriaId\":\"80CB7673-2A98-434B-99A3-24DB4686CDE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp4:x86:*:*:*:*:*\",\"matchCriteriaId\":\"6BBCB1B9-965D-41C9-81A4-A7470AE46D62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp48:x86:*:*:*:*:*\",\"matchCriteriaId\":\"B2F944E7-F894-42D8-8167-BCC2DEE10BC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp5:x86:*:*:*:*:*\",\"matchCriteriaId\":\"09FB3270-1242-4EE9-86B7-7B841DEF2533\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp6:x86:*:*:*:*:*\",\"matchCriteriaId\":\"70901AC0-E2E5-4C8C-B903-105AF7528D6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp7:x86:*:*:*:*:*\",\"matchCriteriaId\":\"440814EC-4215-4ACB-912F-DA75C5CD1AA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_web_server:6.1:sp9:x86:*:*:*:*:*\",\"matchCriteriaId\":\"17466643-0B26-4D65-B2FD-C958D906BE91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"DF9C742B-C0C4-46D5-A7DA-025852069BE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp1:x86:*:*:*:*:*\",\"matchCriteriaId\":\"3378607F-5EF7-4C11-8254-6A44A03B8BC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp2:x86:*:*:*:*:*\",\"matchCriteriaId\":\"7ACFC436-5A5C-4E31-957F-ED5127ECDB02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:one_web_server:6.1:sp3:x86:*:*:*:*:*\",\"matchCriteriaId\":\"D5E51FAA-1DD4-478F-B439-D344C33AE355\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/54872\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/35338\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-21-116648-23-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-259588-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2009-211.htm\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/35204\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1022334\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/1500\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/50951\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/54872\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/35338\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-21-116648-23-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-259588-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2009-211.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/35204\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1022334\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/1500\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/50951\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.