Vulnerability: Cross-site scripting in Perl on Solaris
Danger: Low
If the Patch: Yes
Number of vulnerabilities: 1
CVE ID: CVE-2010-2761
Impact: Cross Site Scripting
Affected Products: Sun Solaris 10, Sun Solaris 9
Affected versions: Perl in Solaris 10.x, possibly earlier.
Perl in Solaris 9.x, possibly earlier.
Description:
The vulnerability allows malicious people to conduct XSS attacks.
Solaris – a computer operating system developed by Sun Microsystems, which is now owned by Oracle Corporation. Despite the fact that Solaris – operating system is closed source, most of it is open and published in draft OpenSolaris.
The vulnerability is here:
https://malwarelist.wordpress.com/2012/10/13/cross-site-scripting-in-cgi-pm/
Manufacturer URL: http://www.oracle.com/us/sun/index.htm
Solution: Install the latest version from the manufacturer.
links:
https://blogs.oracle.com/sunsecurity/entry/cve_2010_2761_code_injection