RootSSV:12358IBM WebSphere Application Server Eclipse Help跨站脚本漏洞
0.002 Low
EPSS
Percentile
56.6%
Bugraq ID: 36455
CVE ID:CVE-2009-2742
IBM WebSphere Application Server是一款商业性质的WEB应用服务程序。
IBM WebSphere Application Server包含的Eclipse Help组件不正确验证用户提供的输入,远程攻击者可以利用漏洞使用特殊构建的URL,诱使用户点击,可在目标用户浏览器上执行任意脚本代码。
目前没有详细漏洞细节提供。
IBM Websphere Application Server 6.1 25
IBM Websphere Application Server 6.1 23
IBM Websphere Application Server 6.1 22
IBM Websphere Application Server 6.1 21
IBM Websphere Application Server 6.1 20
IBM Websphere Application Server 6.1 19
IBM Websphere Application Server 6.1 18
IBM Websphere Application Server 6.1 17
IBM Websphere Application Server 6.1 15
IBM Websphere Application Server 6.1 13
IBM Websphere Application Server 6.1 12
IBM Websphere Application Server 6.1 10
IBM Websphere Application Server 6.1 .9
IBM Websphere Application Server 6.1 .7
IBM Websphere Application Server 6.1 .6
IBM Websphere Application Server 6.1 .5
IBM Websphere Application Server 6.1 .3
IBM Websphere Application Server 6.1 .2
IBM Websphere Application Server 6.1 .14
IBM Websphere Application Server 6.1 .1
IBM Websphere Application Server 6.1
IBM Websphere Application Server 6.1
IBM Websphere Application Server 6.1
IBM Websphere Application Server 6.1
IBM Websphere Application Server 6.1
IBM Websphere Application Server 6.1
用户可联系供应商下载使用Fix Pack (6.1.0.27或之后)或APAR PK78917补丁:
http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Related
