Note: This is an archival copy of Security Sun Alert 200416 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000301.1.
Article ID : 1000301.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2006-11-06
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Security Vulnerability in Webmail May Allow Messages Embedded With Javascript to be Executed in End User's Browser

Category
Security

Release Phase
Resolved

Product
Sun Java System Messaging Server 6.0
iPlanet Messaging Server 5.2

Bug Id
6441335

Date of Resolved Release
24-OCT-2006

Impact

A security vulnerability in Sun Java System or iPlanet Messaging Servers may allow remote unprivileged users to craft specific messages which contain Javascript to be executed in the end user's browser.

Sun acknowledges, with thanks, Seth Hall of Ohio State University, for bringing this issue to our attention.


Contributing Factors

This issue can occur in the following releases:

SPARC Platform

  • iPlanet Messaging Server 5.2 (for Solaris 8 and 9) without patch 5.2hf2.13
  • Sun Java System Messaging Server 6.0, 6.1, and 6.2 (for Solaris 8, 9, and 10) without patch 118207-56

x86 Platform

  • Sun Java System Messaging Server 6.0, 6.1, and 6.2 (for Solaris 9 and 10) without patch 118208-56

Linux Platform

  • Sun Java System Messaging Server 6.0, 6.1, and 6.2 (for RHEL 2.1 and 3.0) without patch 118209-56

To determine if Sun Java System Messaging Server is installed on a system, the following command can be run:

    % pkginfo SUNWmsgco
    application SUNWmsgco   Sun Java System Messaging Server Core Libraries

To determine the version of iPlanet Messaging Server on a system, the following command can be run:

    $ cat /etc/msgregistry.inf

A list of instances and installs will displayed (if any) if this file exists.

To determine the version of Sun Java Messaging Server on a system, the following command can be run:

    $ /opt/SUNWmsgsr/sbin/imsimta version

Symptoms

There are no predictable symptoms that would indicate the described vulnerability has been exploited.


Workaround

There is no workaround for this issue. Please see the Resolution section below.


Resolution

This issue is addressed in the following releases:

SPARC Platform

  • iPlanet Messaging Server 5.2 (for Solaris 8 and 9) with patch 5.2hf2.13 or later
  • Sun Java System Messaging Server 6.0, 6.1, and 6.2 (for Solaris 8, 9, and 10) with patch 118207-56 or later

x86 Platform

  • Sun Java System Messaging Server 6.0, 6.1, and 6.2 (for Solaris 9 and 10) with patch 118208-56 or later

Linux Platform

  • Sun Java System Messaging Server 6.0, 6.1, and 6.2 (for RHEL 2.1 and 3.0) with patch 118209-56 or later

Note: iPlanet Messaging Server 5.2 patch 5.2hf2.13 is available to all customers through normal support channels regardless of support contract.



References

118207-56
118208-56
118209-56




Attachments
This solution has no attachment