- Fujitsu Patch & TA Information
- Oracle Solaris Patch & TA Information
Global
- Home >
- Support & Downloads >
- Software >
- Security >
- Fujitsu Patch & TA Information >
- This page provides Security Information.
Jasmine: HTTP response splitting vulnerability in WebLink template execution. February 19th, 2009
1. Description
HTTP response splitting vulnerability has been discovered in the Jasmine WebLink template execution.
Fujitsu provides security patches shown in 3.
Please apply them as soon as possible.
2. Impact
HTTP response splitting vulnerability
The HTTP response splitting vulnerability may allow a malicious attacker to cause following problems to a website managed by Jasmine WebLink.
- The attacker falsifies HTTP cache and shows fictitious content that does not exist on the site. Personal information of the user who accesses this cache is disclosed to the attacker.
- The atracker creates a malicious page by using this vulnerability. The malicious code is executed on the browser of the user who accesses this page and his/her personal information is disclosed to the attacker.
3. Affected systems and corresponding action
3-1. Affected systems:
PRIMERGY, GRANPOWER5000, PRIMEPOWER, GP7000F Series
3-2. Affected products and required patch
| Products | Target OS | Package name | Patch ID. |
|---|---|---|---|
| Jasmine2000 Enterprise Edition for Windows | Windows 2000 Server/ NT Server 4.0 | - | LFNW070806 |
| Jasmine2000 Enterprise Edition | Solaris 7 | - | LFSW070808 |
* For the Patches, please contact a Fujitsu system engineer or your partner(s).
3-3. Workaround
None.
4. Related information
None.
5. Revision history
- February 19th, 2009 : Initial release
