Lucene search

[email protected]CVE-2009-2283

HistoryJul 01, 2009 - 1:00 p.m.

CVE-2009-2283

2009-07-0113:00:01

CWE-79

[email protected]

web.nvd.nist.gov

cve-2009-2283

cross-site scripting

xss

sun java web console

solaris 10

security vulnerability

nvd

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

59.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the help jsp scripts in Sun Java Web Console 3.0.2 through 3.0.5, and Sun Java Web Console in Solaris 10, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

sunjava_web_consoleMatch3.0.2

sunjava_web_consoleMatch3.0.2linux

sunjava_web_consoleMatch3.0.2solaris8_sparc

sunjava_web_consoleMatch3.0.2solaris8_x86

sunjava_web_consoleMatch3.0.2solaris9_sparc

sunjava_web_consoleMatch3.0.2windows

sunjava_web_consoleMatch3.0.3

sunjava_web_consoleMatch3.0.3linux

sunjava_web_consoleMatch3.0.3solaris9_sparc

sunjava_web_consoleMatch3.0.3solaris9_x86

sunjava_web_consoleMatch3.0.3windows

sunjava_web_consoleMatch3.0.4

sunjava_web_consoleMatch3.0.4linux

sunjava_web_consoleMatch3.0.4solaris9_sparc

sunjava_web_consoleMatch3.0.4solaris9_x86

sunjava_web_consoleMatch3.0.4windows

sunjava_web_consoleMatch3.0.5

sunjava_web_consoleMatch3.0.5linux

sunjava_web_consoleMatch3.0.5solaris9_sparc

sunjava_web_consoleMatch3.0.5solaris9_x86

sunjava_web_consoleMatch3.0.5windows

sunsolarisMatch10sparc

sunsolarisMatch10x86

CPENameOperatorVersion
sun:java_web_consolesun java web consoleeq3.0.2
sun:java_web_consolesun java web consoleeq3.0.3
sun:java_web_consolesun java web consoleeq3.0.4
sun:java_web_consolesun java web consoleeq3.0.5
sun:solarissun solariseq10

CPE	Name	Operator	Version
sun:java_web_console	sun java web console	eq	3.0.2
sun:java_web_console	sun java web console	eq	3.0.3
sun:java_web_console	sun java web console	eq	3.0.4
sun:java_web_console	sun java web console	eq	3.0.5
sun:solaris	sun solaris	eq	10