Cross-site scripting in Perl on Solaris

Posted: October 13, 2012 in Vulnerabilities
Tags: , , ,

XSS alertVulnerability: Cross-site scripting in Perl on Solaris

Danger: Low
If the Patch: Yes
Number of vulnerabilities: 1

CVE ID: CVE-2010-2761
Impact: Cross Site Scripting

Affected Products: Sun Solaris 10, Sun Solaris 9

Affected versions: Perl in Solaris 10.x, possibly earlier.
Perl in Solaris 9.x, possibly earlier.

Description:

The vulnerability allows malicious people to conduct XSS attacks.

Solaris – a computer operating system developed by Sun Microsystems, which is now owned by Oracle Corporation. Despite the fact that Solaris – operating system is closed source, most of it is open and published in draft OpenSolaris.

The vulnerability is here:

https://malwarelist.wordpress.com/2012/10/13/cross-site-scripting-in-cgi-pm/

Manufacturer URL: http://www.oracle.com/us/sun/index.htm

Solution: Install the latest version from the manufacturer.

links:

https://blogs.oracle.com/sunsecurity/entry/cve_2010_2761_code_injection

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s