The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Sun Alert 102497 Security Vulnerability in Webmail May Allow Messages Embedded With Javascript to be Executed in End User's Browser

Guest Author
Product: Sun Java System Messaging Server 6.0, iPlanet Messaging Server 5.2

A security vulnerability in Sun Java System or iPlanet Messaging Servers may allow remote unprivileged users to craft specific messages which contain Javascript to be executed in the end user's browser.

Sun acknowledges, with thanks, Seth Hall of Ohio State University, for bringing this issue to our attention.

Avoidance: Patch
State: Resolved
First released: 24-Oct-2006

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.