admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2009/CVE-2009-15xx/CVE-2009-1553.json
cad-safe-bot db95377d9f Auto-Update: 2024-04-04T08:42:25.815847+00:00
2024-04-04 08:46:00 +00:00

188 lines
5.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2009-1553",
"sourceIdentifier": "cve@mitre.org",
"published": "2009-05-06T16:30:00.517",
"lastModified": "2018-10-10T19:37:14.517",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) customMBeans/customMBeans.jsf, (4) resourceNode/resources.jsf, (5) sysnet/registration.jsf, or (6) webService/webServicesGeneral.jsf; or the name parameter to (7) configuration/auditModuleEdit.jsf, (8) configuration/httpListenerEdit.jsf, or (9) resourceNode/jdbcResourceEdit.jsf."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Admin Console en Sun GlassFish Enterprise Server v2.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s de una consulta a (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) customMBeans/customMBeans.jsf, (4) resourceNode/resources.jsf, (5) sysnet/registration.jsf, o (6) webService/webServicesGeneral.jsf; o del par\u00e1metro \"name\" a (7) configuration/auditModuleEdit.jsf, (8) configuration/httpListenerEdit.jsf, or (9) resourceNode/jdbcResourceEdit.jsf."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.3
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:glassfish_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DBDD6781-CF9E-4ED3-861F-99217EE0711C"
}
]
}
]
}
],
"references": [
{
"url": "http://dsecrg.com/pages/vul/show.php?id=134",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "http://jvn.jp/en/jp/JVN73653977/index.html",
"source": "cve@mitre.org"
},
{
"url": "http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000027.html",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/54249",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/54250",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/54251",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/54252",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/54253",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/54254",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/54255",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/54256",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/54257",
"source": "cve@mitre.org"
},
{
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-258528-1",
"source": "cve@mitre.org"
},
{
"url": "http://www.nabble.com/-DSECRG--Sun-Glassfish-Multiple-Security-Vulnerabilities-p22595435.html",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "http://www.nabble.com/Re:--DSECRG--Sun-Glassfish-Multiple-Security-Vulnerabilities-p23002524.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/503236/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/34824",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "http://www.securityfocus.com/bid/34914",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2009/1255",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50453",
"source": "cve@mitre.org"
},
{
"url": "https://glassfish.dev.java.net/servlets/ReadMsg?list=cvs&msgNo=29668",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://glassfish.dev.java.net/servlets/ReadMsg?list=cvs&msgNo=29669",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://glassfish.dev.java.net/servlets/ReadMsg?list=cvs&msgNo=29675",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink