Intrusion Prevention

Sun.Java.Communications.Express.HTML.Injection

Description

This indicates an attack attempt against multiple HTML injection vulnerabilities in Sun Java System Communications Express.
The vulnerability is caused by the software's failure to sufficiently sanitize user supplied data. It allows a remote attacker to run attacker-supplied HTML or JavaScript code in the context of the affected site.

Affected Products

Sun Java System Communications Express 6.3 and prior versions.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to a newer version.

Coverage

IPS (Regular DB)
IPS (Extended DB)

ID	26785
Created	Jun 30, 2011
Updated	Feb 24, 2022
Risk
CVE ID	CVE-2009-0877
Exploit Prediction Score	0.22%
Default Action	drop
Active
Affected OS	All
Affected App	SUN

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Intrusion Prevention

Sun.Java.Communications.Express.HTML.Injection

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

Intrusion Prevention

Sun.Java.Communications.Express.HTML.Injection

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

Threat Intelligence
Center