Top Five Web Application Vulnerabilities 12/1/08 - 12/14/08

1) Sun Java Web Start and Java Plug-in Multiple Privilege Escalation Vulnerabilities
 
Sun Java Web Start and Java Plug-in are susceptible to multiple privilege escalation vulnerabilities. An attacker can leverage these vulnerabilities to obtain sensitive information, violate the same-origin policy, or read, write, and execute arbitrary files in the context of the user running the vulnerable application. Successful exploitation may result in a compromise of the underlying system. Fixes which address these issues have been released. Contact the vendor for more details.

http://www.securityfocus.com/bid/32620

2) IBM Rational ClearCase Cross-Site Scripting Vulnerability

IBM Rational ClearCase is susceptible to a Cross-Site Scripting vulnerability. If exploited, this vulnerability could give an attacker the means to perform account hijacking, execute malicious scripts, or steal proprietary information. Fixes which address this issue have been released. Contact the vendor for further details.

http://www.securityfocus.com/bid/32574

3) Sun Java Web Console Unspecified URI Redirection Vulnerability

Sun Java Web Console is susceptible to an unspecified URI redirection vulnerability, which an attacker can leverage to redirect legitimate, authenticated users to malicious sites. Updates which address this vulnerability are available. Contact the vendor for additional information.

http://www.securityfocus.com/bid/32771

4) Novell NetWare ApacheAdmin Security Bypass Vulnerability

Novell NetWare ApacheAdmin is susceptible to a security bypass vulnerability, which an attacker can leverage to gain unauthorized access to the ApacheAdmin console, after which further exploits would be possible. An update which addresses this issue has been released. Contact the vendor for additional details.

http://www.securityfocus.com/bid/32657/

5) IBM WebSphere Application Server Multiple Unspecified Vulnerabilities

IBM WebSphere Application Server is susceptible to multiple unspecified vulnerabilities, at least one of which can be used to gain access to sensitive information. Advisories and fixes which address these issues have been released. Contact the vendor for more information.

http://www.securityfocus.com/bid/32679


Posted 12-16-2008 9:35 PM by mark.painter