|
IBM OS/400 HTTP Server "Expect" Header Cross-Site Scripting Vulnerability
|
|
Secunia Advisory:
|
SA28744
|
|
|
Release Date:
|
2008-02-04
|
|
Last Update:
|
2008-02-15
|
|
Popularity:
|
11,641 views
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Cross Site Scripting
|
|
Where:
|
From remote
|
|
Solution Status:
|
Partial Fix
|
|
| OS: | OS/400 5.x
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 2 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Solution:
PTFs are available for V5R3M0. See vendor's advisory for details.
Filter malicious characters and character sequences using a web proxy.
Provided and/or discovered by:
Reported by the vendor.
Changelog:
2008-02-13: Added CVE reference.
2008-02-15: Added the affected versions to the "Description" section. Updated "Solution" and "Original Advisory" sections.
Original Advisory:
IBM (SE31823):
http://www-1.ibm.com/support/docview....=nas22f5a0f082f6821c4862573e10041f7bd
IBM (SI30441):
http://www-1.ibm.com/support/docview....=nas31efe2d15e82a294c862573ef007f35d7
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
