CVE-2008-5266

Publication date 28 November 2008

Last updated 24 July 2024

Ubuntu priority

Low

Why this priority?

Description

Cross-site scripting (XSS) vulnerability in configuration/httpListenerEdit.jsf in the GlassFish 2 UR2 b04 webadmin interface in Sun Java System Application Server 9.1_01 build b09d-fcs and 9.1_02 build b04-fcs allows remote attackers to inject arbitrary web script or HTML via the name parameter, a different vector than CVE-2008-2751.

Read the notes from the security team

Status

Package Ubuntu Release Status
glassfish 18.10 cosmic Not in release
18.04 LTS bionic
Not affected
17.10 artful Ignored end of life
17.04 zesty Ignored end of life
16.10 yakkety Ignored end of life
16.04 LTS xenial
Not affected
15.10 wily Ignored end of life
15.04 vivid Ignored end of life
14.10 utopic Ignored end of life
14.04 LTS trusty Not in release
13.10 saucy Ignored end of life
13.04 raring Ignored end of life
12.10 quantal Ignored end of life
12.04 LTS precise Ignored end of life
11.10 oneiric Ignored end of life
11.04 natty Ignored end of life
10.10 maverick Ignored end of life
10.04 LTS lucid Ignored end of life
9.10 karmic Ignored end of life
9.04 jaunty Ignored end of life
8.10 intrepid Ignored end of life
8.04 LTS hardy Ignored end of life
7.10 gutsy Ignored end of life
6.06 LTS dapper Not in release

Notes

ebarretto

NOT-FOR-US: Sun Java System Application Server

References

Other references

Access our resources on patching vulnerabilities