What is the severity of CVE-2008-2518?

CVE-2008-2518 is classified as a medium severity vulnerability due to the potential for remote code execution via cross-site scripting.

How do I fix CVE-2008-2518?

To fix CVE-2008-2518, upgrade to Sun Java System Web Server 6.1 Service Pack 9 or later, or 7.0 Update 3 or later.

What types of attacks can exploit CVE-2008-2518?

CVE-2008-2518 can be exploited to execute arbitrary web scripts or HTML through cross-site scripting attacks.

Which versions of Sun Java System Web Server are affected by CVE-2008-2518?

CVE-2008-2518 affects Sun Java System Web Server versions 6.1 prior to SP9 and 7.0 prior to Update 3.

Are there any workarounds for CVE-2008-2518?

Temporary workarounds for CVE-2008-2518 include validating and sanitizing user input in the advanced search mechanism.

Vulnerability/
CVE-2008-2518

medium

4.3

CWE

3/6/2008

7/8/2024

CVE-2008-2518: XSS

First published: Tue Jun 03 2008(Updated: )

Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.jsp) in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the next parameter.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Sun Java System Web Server	=6.1-sp1
Sun Java System Web Server	=6.1-sp6
Sun Java System Web Server	=6.1-sp3
Sun Java System Web Server	=7.0-update_1
Sun Java System Web Server	=6.1
Sun Java System Web Server	=6.1-sp4
Sun Java System Web Server	=6.1-sp5
Sun Java System Web Server	=7.0
Sun Java System Web Server	=6.1-sp8
Sun Java System Web Server	=7.0-update_2
Sun Java System Web Server	=6.1-sp2
Sun Java System Web Server	=6.1-sp7

Remedy

http://sunsolve.sun.com/search/document.do?assetkey=1-26-236481-1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-2518?
CVE-2008-2518 is classified as a medium severity vulnerability due to the potential for remote code execution via cross-site scripting.
How do I fix CVE-2008-2518?
To fix CVE-2008-2518, upgrade to Sun Java System Web Server 6.1 Service Pack 9 or later, or 7.0 Update 3 or later.
What types of attacks can exploit CVE-2008-2518?
CVE-2008-2518 can be exploited to execute arbitrary web scripts or HTML through cross-site scripting attacks.
Which versions of Sun Java System Web Server are affected by CVE-2008-2518?
CVE-2008-2518 affects Sun Java System Web Server versions 6.1 prior to SP9 and 7.0 prior to Update 3.
Are there any workarounds for CVE-2008-2518?
Temporary workarounds for CVE-2008-2518 include validating and sanitizing user input in the advanced search mechanism.

collector/nvd-historical
collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/severity
agent/last-modified-date
agent/remedy
agent/tags
agent/description
agent/first-publish-date
agent/event
agent/source
vendor/sun
canonical/sun java system web server
version/sun java system web server/6.1-sp1
version/sun java system web server/6.1-sp6
version/sun java system web server/6.1-sp3
version/sun java system web server/7.0-update_1
version/sun java system web server/6.1
version/sun java system web server/6.1-sp4
version/sun java system web server/6.1-sp5
version/sun java system web server/7.0
version/sun java system web server/6.1-sp8
version/sun java system web server/7.0-update_2
version/sun java system web server/6.1-sp2
version/sun java system web server/6.1-sp7