Juniper Networks

Signature Detail

Short Name: HTTP:ORACLE:GLASSFISH-MUL-XSS
Severity: Major
Recommended: No
Recommended Action: Drop
Category: HTTP
Keywords: Oracle GlassFish Enterprise Server Multiple Stored Cross Site Scripting
Release Date: 2012/05/16
Update Number: 2136
Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Oracle GlassFish Enterprise Server Multiple Stored Cross Site Scripting


This signature detects attempts to exploit multiple known cross-site scripting vulnerabilities in Oracle GlassFish. A successful attack can result in the compromise of Web browser cookies associated with the site, and modification of user information.

Extended Description

Oracle GlassFish Server is prone to multiple cross-site scripting and HTML-injection vulnerabilities that affect the administrative web interface. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible. This vulnerability affects the following supported versions: GlassFish Enterprise Server 3.1.1.

Affected Products

  • Apple mac_os_x 10.6.8
  • Apple mac_os_x 10.7.4
  • Apple mac_os_x_server 10.6.8
  • Apple mac_os_x_server 10.7.4
  • Hp hp-ux B.11.11
  • Hp hp-ux B.11.23
  • Hp hp-ux B.11.31
  • Oracle glassfish_enterprise_server 3.1.1
  • Red_hat enterprise_linux_desktop_supplementary 5 Client
  • Red_hat enterprise_linux_desktop_supplementary 6
  • Red_hat enterprise_linux_hpc_node_supplementary 6
  • Red_hat enterprise_linux_server_supplementary 6
  • Red_hat enterprise_linux_supplementary 5 Server
  • Red_hat enterprise_linux_workstation_supplementary 6
  • Sun jdk_(linux_production_release) 1.6.0
  • Sun jdk_(linux_production_release) 1.6.0 01
  • Sun jdk_(linux_production_release) 1.6.0 01-B06
  • Sun jdk_(linux_production_release) 1.6.0 02
  • Sun jdk_(linux_production_release) 1.6.0 03
  • Sun jdk_(linux_production_release) 1.6.0 04
  • Sun jdk_(linux_production_release) 1.6.0 05
  • Sun jdk_(linux_production_release) 1.6.0 06
  • Sun jdk_(linux_production_release) 1.6.0 07
  • Sun jdk_(linux_production_release) 1.6.0 10
  • Sun jdk_(linux_production_release) 1.6.0 11
  • Sun jdk_(linux_production_release) 1.6.0 13
  • Sun jdk_(linux_production_release) 1.6.0 14
  • Sun jdk_(linux_production_release) 1.6.0 15
  • Sun jdk_(linux_production_release) 1.6.0 17
  • Sun jdk_(linux_production_release) 1.6.0 18
  • Sun jdk_(linux_production_release) 1.6.0 19
  • Sun jdk_(linux_production_release) 1.6.0 20
  • Sun jdk_(linux_production_release) 1.6.0_21
  • Sun jdk_(linux_production_release) 1.6.0_22
  • Sun jdk_(linux_production_release) 1.6.0_23
  • Sun jdk_(linux_production_release) 1.6.0_24
  • Sun jdk_(linux_production_release) 1.6.0_25
  • Sun jdk_(linux_production_release) 1.6.0_26
  • Sun jdk_(linux_production_release) 1.6.0_27
  • Sun jdk_(linux_production_release) 1.6.0_28
  • Sun jdk_(linux_production_release) 1.6.0_30
  • Sun jdk_(linux_production_release) 1.6.0_32
  • Sun jdk_(linux_production_release) 1.6.0 Update 10
  • Sun jdk_(linux_production_release) 1.6.0 Update 11
  • Sun jdk_(linux_production_release) 1.6.0 Update 12
  • Sun jdk_(linux_production_release) 1.6.0 Update 13
  • Sun jdk_(linux_production_release) 1.6.0 Update 14
  • Sun jdk_(linux_production_release) 1.6.0 Update 15
  • Sun jdk_(linux_production_release) 1.6.0 Update 16
  • Sun jdk_(linux_production_release) 1.6.0 Update 17
  • Sun jdk_(linux_production_release) 1.6.0 Update 18
  • Sun jdk_(linux_production_release) 1.6.0 Update 19
  • Sun jdk_(linux_production_release) 1.6.0 Update 20
  • Sun jdk_(linux_production_release) 1.6.0 Update 21
  • Sun jdk_(linux_production_release) 1.6.0 Update 3
  • Sun jdk_(linux_production_release) 1.6.0 Update 4
  • Sun jdk_(linux_production_release) 1.6.0 Update 5
  • Sun jdk_(linux_production_release) 1.6.0 Update 6
  • Sun jdk_(linux_production_release) 1.6.0 Update 7
  • Sun jdk_(linux_production_release) 1.7.0
  • Sun jdk_(linux_production_release) 1.7.0_2
  • Sun jdk_(linux_production_release) 1.7.0_4
  • Sun jdk_(solaris_production_release) 1.6.0
  • Sun jdk_(solaris_production_release) 1.6.0 01
  • Sun jdk_(solaris_production_release) 1.6.0 01-B06
  • Sun jdk_(solaris_production_release) 1.6.0 02
  • Sun jdk_(solaris_production_release) 1.6.0 03
  • Sun jdk_(solaris_production_release) 1.6.0 04
  • Sun jdk_(solaris_production_release) 1.6.0 05
  • Sun jdk_(solaris_production_release) 1.6.0 06
  • Sun jdk_(solaris_production_release) 1.6.0 07
  • Sun jdk_(solaris_production_release) 1.6.0 10
  • Sun jdk_(solaris_production_release) 1.6.0 11
  • Sun jdk_(solaris_production_release) 1.6.0 13
  • Sun jdk_(solaris_production_release) 1.6.0 14
  • Sun jdk_(solaris_production_release) 1.6.0 15
  • Sun jdk_(solaris_production_release) 1.6.0 17
  • Sun jdk_(solaris_production_release) 1.6.0 18
  • Sun jdk_(solaris_production_release) 1.6.0 19
  • Sun jdk_(solaris_production_release) 1.6.0 20
  • Sun jdk_(solaris_production_release) 1.6.0_21
  • Sun jdk_(solaris_production_release) 1.6.0_22
  • Sun jdk_(solaris_production_release) 1.6.0_23
  • Sun jdk_(solaris_production_release) 1.6.0_24
  • Sun jdk_(solaris_production_release) 1.6.0_25
  • Sun jdk_(solaris_production_release) 1.6.0_26
  • Sun jdk_(solaris_production_release) 1.6.0_27
  • Sun jdk_(solaris_production_release) 1.6.0_28
  • Sun jdk_(solaris_production_release) 1.6.0_30
  • Sun jdk_(solaris_production_release) 1.6.0_32
  • Sun jdk_(solaris_production_release) 1.7.0
  • Sun jdk_(solaris_production_release) 1.7.0_2
  • Sun jdk_(solaris_production_release) 1.7.0_4
  • Sun jdk_(windows_production_release) 1.6.0
  • Sun jdk_(windows_production_release) 1.6.0 01
  • Sun jdk_(windows_production_release) 1.6.0 01-B06
  • Sun jdk_(windows_production_release) 1.6.0 02
  • Sun jdk_(windows_production_release) 1.6.0 03
  • Sun jdk_(windows_production_release) 1.6.0 04
  • Sun jdk_(windows_production_release) 1.6.0 05
  • Sun jdk_(windows_production_release) 1.6.0 06
  • Sun jdk_(windows_production_release) 1.6.0 07
  • Sun jdk_(windows_production_release) 1.6.0 10
  • Sun jdk_(windows_production_release) 1.6.0 11
  • Sun jdk_(windows_production_release) 1.6.0 13
  • Sun jdk_(windows_production_release) 1.6.0 14
  • Sun jdk_(windows_production_release) 1.6.0 15
  • Sun jdk_(windows_production_release) 1.6.0 17
  • Sun jdk_(windows_production_release) 1.6.0 18
  • Sun jdk_(windows_production_release) 1.6.0 19
  • Sun jdk_(windows_production_release) 1.6.0 20
  • Sun jdk_(windows_production_release) 1.6.0_21
  • Sun jdk_(windows_production_release) 1.6.0_22
  • Sun jdk_(windows_production_release) 1.6.0_23
  • Sun jdk_(windows_production_release) 1.6.0_24
  • Sun jdk_(windows_production_release) 1.6.0_25
  • Sun jdk_(windows_production_release) 1.6.0_26
  • Sun jdk_(windows_production_release) 1.6.0_27
  • Sun jdk_(windows_production_release) 1.6.0_28
  • Sun jdk_(windows_production_release) 1.6.0_30
  • Sun jdk_(windows_production_release) 1.6.0_32
  • Sun jdk_(windows_production_release) 1.7.0
  • Sun jdk_(windows_production_release) 1.7.0_2
  • Sun jdk_(windows_production_release) 1.7.0_4
  • Sun jre_(linux_production_release) 1.6.0
  • Sun jre_(linux_production_release) 1.6.0 01
  • Sun jre_(linux_production_release) 1.6.0 02
  • Sun jre_(linux_production_release) 1.6.0 03
  • Sun jre_(linux_production_release) 1.6.0 04
  • Sun jre_(linux_production_release) 1.6.0 05
  • Sun jre_(linux_production_release) 1.6.0 06
  • Sun jre_(linux_production_release) 1.6.0 07
  • Sun jre_(linux_production_release) 1.6.0 10
  • Sun jre_(linux_production_release) 1.6.0 11
  • Sun jre_(linux_production_release) 1.6.0 12
  • Sun jre_(linux_production_release) 1.6.0 13
  • Sun jre_(linux_production_release) 1.6.0 14
  • Sun jre_(linux_production_release) 1.6.0 15
  • Sun jre_(linux_production_release) 1.6.0 17
  • Sun jre_(linux_production_release) 1.6.0 18
  • Sun jre_(linux_production_release) 1.6.0 19
  • Sun jre_(linux_production_release) 1.6.0 20
  • Sun jre_(linux_production_release) 1.6.0_21
  • Sun jre_(linux_production_release) 1.6.0_22
  • Sun jre_(linux_production_release) 1.6.0_23
  • Sun jre_(linux_production_release) 1.6.0_24
  • Sun jre_(linux_production_release) 1.6.0_25
  • Sun jre_(linux_production_release) 1.6.0_26
  • Sun jre_(linux_production_release) 1.6.0_27
  • Sun jre_(linux_production_release) 1.6.0_28
  • Sun jre_(linux_production_release) 1.6.0_30
  • Sun jre_(linux_production_release) 1.6.0_31
  • Sun jre_(linux_production_release) 1.6.0_32
  • Sun jre_(linux_production_release) 1.7
  • Sun jre_(linux_production_release) 1.7.0_2
  • Sun jre_(linux_production_release) 1.7.0_4
  • Sun jre_(solaris_production_release) 1.6.0
  • Sun jre_(solaris_production_release) 1.6.0 01
  • Sun jre_(solaris_production_release) 1.6.0 02
  • Sun jre_(solaris_production_release) 1.6.0 03
  • Sun jre_(solaris_production_release) 1.6.0 04
  • Sun jre_(solaris_production_release) 1.6.0 05
  • Sun jre_(solaris_production_release) 1.6.0 06
  • Sun jre_(solaris_production_release) 1.6.0 07
  • Sun jre_(solaris_production_release) 1.6.0 10
  • Sun jre_(solaris_production_release) 1.6.0 11
  • Sun jre_(solaris_production_release) 1.6.0 12
  • Sun jre_(solaris_production_release) 1.6.0 13
  • Sun jre_(solaris_production_release) 1.6.0 14
  • Sun jre_(solaris_production_release) 1.6.0 15
  • Sun jre_(solaris_production_release) 1.6.0 17
  • Sun jre_(solaris_production_release) 1.6.0 18
  • Sun jre_(solaris_production_release) 1.6.0 19
  • Sun jre_(solaris_production_release) 1.6.0 2
  • Sun jre_(solaris_production_release) 1.6.0_21
  • Sun jre_(solaris_production_release) 1.6.0_22
  • Sun jre_(solaris_production_release) 1.6.0_23
  • Sun jre_(solaris_production_release) 1.6.0_24
  • Sun jre_(solaris_production_release) 1.6.0_25
  • Sun jre_(solaris_production_release) 1.6.0_26
  • Sun jre_(solaris_production_release) 1.6.0_27
  • Sun jre_(solaris_production_release) 1.6.0_28
  • Sun jre_(solaris_production_release) 1.6.0_30
  • Sun jre_(solaris_production_release) 1.6.0_31
  • Sun jre_(solaris_production_release) 1.6.0_32
  • Sun jre_(solaris_production_release) 1.7
  • Sun jre_(solaris_production_release) 1.7.0_2
  • Sun jre_(solaris_production_release) 1.7.0_4
  • Sun jre_(windows_production_release) 1.6.0
  • Sun jre_(windows_production_release) 1.6.0 01
  • Sun jre_(windows_production_release) 1.6.0 02
  • Sun jre_(windows_production_release) 1.6.0 03
  • Sun jre_(windows_production_release) 1.6.0 04
  • Sun jre_(windows_production_release) 1.6.0 05
  • Sun jre_(windows_production_release) 1.6.0 06
  • Sun jre_(windows_production_release) 1.6.0 07
  • Sun jre_(windows_production_release) 1.6.0 10
  • Sun jre_(windows_production_release) 1.6.0 11
  • Sun jre_(windows_production_release) 1.6.0 12
  • Sun jre_(windows_production_release) 1.6.0 13
  • Sun jre_(windows_production_release) 1.6.0 14
  • Sun jre_(windows_production_release) 1.6.0 15
  • Sun jre_(windows_production_release) 1.6.0 17
  • Sun jre_(windows_production_release) 1.6.0 18
  • Sun jre_(windows_production_release) 1.6.0 19
  • Sun jre_(windows_production_release) 1.6.0 2
  • Sun jre_(windows_production_release) 1.6.0 20
  • Sun jre_(windows_production_release) 1.6.0_21
  • Sun jre_(windows_production_release) 1.6.0_22
  • Sun jre_(windows_production_release) 1.6.0_23
  • Sun jre_(windows_production_release) 1.6.0_24
  • Sun jre_(windows_production_release) 1.6.0_25
  • Sun jre_(windows_production_release) 1.6.0_26
  • Sun jre_(windows_production_release) 1.6.0_27
  • Sun jre_(windows_production_release) 1.6.0_28
  • Sun jre_(windows_production_release) 1.6.0_30
  • Sun jre_(windows_production_release) 1.6.0_31
  • Sun jre_(windows_production_release) 1.6.0_32
  • Sun jre_(windows_production_release) 1.7
  • Sun jre_(windows_production_release) 1.7.0_2
  • Sun jre_(windows_production_release) 1.7.0_4

References

  • BugTraq: 53136
  • CVE: CVE-2012-0551
