Check Point Advisories

Update Protection against Adobe JRun 4 Management Console Cross-Site Scripting Vulnerability (APSB09-12)

Check Point Reference: CPAI-2009-192
Date Published: 17 Sep 2009
Severity: Medium
Last Updated: Thursday 01 January, 2009
Source: Adobe vulnerability identifier: APSB09-12
Industry Reference:CVE-2009-1874
Protection Provided by:
Who is Vulnerable? Adobe Systems JRun 4.0
Vulnerability Description A Cross Site Scripting (XSS) vulnerability has been discovered in Adobe JRun Management Console. JRun is an application server based on Java 2 Platform, Enterprise Edition (J2EE). It works with popular Web servers including Apache and IIS. A remote attacker could exploit this issue to execute a cross-site scripting attack that could potentially lead to code execution.
Update/Patch AvaliableApply Hotfix:
Adobe vulnerability identifier: APSB09-12
Vulnerability DetailsThe vulnerability is due to an error in the Adobe JRun Management Console that fails to sufficiently validate input when processing client HTTP requests. A remote attacker could trigger this issue via a specially crafted HTTP request. Successful exploitation of this issue will allow the attacker to inject arbitrary web script or HTML to the vulnerable server.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK