CVE-2004-2763

2009-06-01T18:30:00
ID CVE-2004-2763
Type cve
Reporter NVD
Modified 2009-06-02T00:00:00

Description

The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.