Interstage HTTP Serverにおけるクロスサイトスクリプティング(XSS)の問題(CVE-2007-5000) (2008年12月17日)
1.脆弱性の説明
Interstage HTTP Serverのイメージマップ機能において、クロスサイトスクリプティン グ(XSS)脆弱性の問題が確認されました。本脆弱性問題は、CVE-2007-5000に該当します。
富士通は、3.に示すセキュリティパッチを提供していますので、早急に適用する様に お願いします。
Interstage製品については以下のページを参照してください。
https://www.fujitsu.com/jp/products/software/middleware/business-middleware/interstage/
2. 脆弱性のもたらす脅威
クロスサイトスクリプティング(XSS)の脆弱性を利用すると、ユーザのWebブラウザ上で任意のスクリプトを実行される可能性があります。
3. 該当システム・対策情報
3-1.該当システム
GP7000F, PRIMEPOWER, GP-S, PRIMERGY, GP5000, CELSIUS, FMVシリーズ, AT互換機, PRIMEQUEST, SPARC Enterprise
3-2.該当製品・対策Patch
注意)後述する回避方法は、製品ごとに設定内容が異なるものがあります。製品名末尾の括弧内記載記号は、回避方法(3)の設定内容に対応しています。
・Interstage Application Server
・Interstage Web Server
・Interstage Application Framework Suite
・Interstage Apworks
・Interstage Studio
・Interstage Business Application Server
・Interstage Job Workload Server
・Systemwalker Resource Coordinator
製品名 | 対象OS | パッケージ名 | Patch ID |
---|---|---|---|
Interstage Application Server Enterprise Edition V5.0L10 [a] | Windows | F3FMihs | TP09823 |
Interstage Application Server Standard Edition V5.0L10 [a] | Windows | F3FMihs | TP09823 |
Interstage Application Server Web-J Edition V5.0L10 [a] | Windows | F3FMihs | TP09823 |
Interstage Application Server Enterprise Edition V5.0L10A [a] | Windows | F3FMihs | TP09823 |
Interstage Application Server Standard Edition V5.0L10A [a] | Windows | F3FMihs | TP09823 |
Interstage Application Server Web-J Edition V5.0L10A [a] | Windows | F3FMihs | TP09823 |
Interstage Application Server Enterprise Edition V5.0L10B [a] | Windows | F3FMihs | TP09823 |
Interstage Application Server Standard Edition V5.0L10B [a] | Windows | F3FMihs | TP09823 |
Interstage Application Server Web-J Edition V5.0L10B [a] | Windows | F3FMihs | TP09823 |
Interstage Application Server Enterprise Edition V5.0L20 [a] | Windows | F3FMihs | TP19823 |
Interstage Application Server Standard Edition V5.0L20 [a] | Windows | F3FMihs | TP19823 |
Interstage Application Server Web-J Edition V5.0L20 [a] | Windows | F3FMihs | TP19823 |
Interstage Application Server Plus V5.0L20 [a] | Windows | F3FMihs | TP19823 |
Interstage Application Server Plus Developer V5.0L20 [a] | Windows | F3FMihs | TP19823 |
Interstage Application Server Enterprise Edition V5.0L20A [a] | Windows | F3FMihs | TP19823 |
Interstage Application Server Standard Edition V5.0L20A [a] | Windows | F3FMihs | TP19823 |
Interstage Application Server Web-J Edition V5.0L20A [a] | Windows | F3FMihs | TP19823 |
Interstage Application Server Plus V5.0L20A [a] | Windows | F3FMihs | TP19823 |
Interstage Application Server Enterprise Edition V6.0L10 [a] | Windows | F3FMihs | TP29823 |
Interstage Application Server Standard Edition V6.0L10 [a] | Windows | F3FMihs | TP29823 |
Interstage Application Server Web-J Edition V6.0L10 [a] | Windows | F3FMihs | TP29823 |
Interstage Application Server Plus V6.0L10 [a] | Windows | F3FMihs | TP29823 |
Interstage Application Server Plus Developer V6.0L10 [a] | Windows | F3FMihs | TP29823 |
Interstage Application Server Web-J Edition V6.0L10A [a] | Windows | F3FMihs | TP29823 |
Interstage Application Server Plus V6.0L10A [a] | Windows | F3FMihs | TP29823 |
Interstage Application Server Enterprise Edition V6.0L10B [a] | Windows | F3FMihs | TP29823 |
Interstage Application Server Standard Edition V6.0L10B [a] | Windows | F3FMihs | TP29823 |
Interstage Application Server Web-J Edition V6.0L10B [a] | Windows | F3FMihs | TP29823 |
Interstage Application Server Plus V6.0L10B [a] | Windows | F3FMihs | TP29823 |
Interstage Application Server Enterprise Edition V6.0L10C [a] | Windows | F3FMihs | TP49823 |
Interstage Application Server Standard Edition V6.0L10C [a] | Windows | F3FMihs | TP49823 |
Interstage Application Server Web-J Edition V6.0L10C [a] | Windows | F3FMihs | TP49823 |
Interstage Application Server Plus V6.0L10C [a] | Windows | F3FMihs | TP49823 |
Interstage Application Server Enterprise Edition V7.0L10 [a] | Windows | F3FMihs | TP39823 |
Interstage Application Server Standard Edition V7.0L10 [a] | Windows | F3FMihs | TP39823 |
Interstage Application Server Web-J Edition V7.0L10 [a] | Windows | F3FMihs | TP39823 |
Interstage Application Server Plus V7.0L10 [a] | Windows | F3FMihs | TP39823 |
Interstage Application Server Plus Developer V7.0L10 [a] | Windows | F3FMihs | TP39823 |
Interstage Application Server Web-J Edition V7.0L10A [a] | Windows | F3FMihs | TP39823 |
Interstage Application Server Enterprise Edition V7.0L11 [a] | Windows | F3FMihs | TP39823 |
Interstage Application Server Standard Edition V7.0L11 [a] | Windows | F3FMihs | TP39823 |
Interstage Application Server Web-J Edition V7.0L11 [a] | Windows | F3FMihs | TP39823 |
Interstage Application Server Plus V7.0L11 [a] | Windows | F3FMihs | TP39823 |
Interstage Application Server Enterprise Edition 8.0.0 [a] | Windows | F3FMihs | T000106WP-04 |
Interstage Application Server Standard-J Edition 8.0.0 [a] | Windows | F3FMihs | T000106WP-04 |
Interstage Application Server Web-J Edition 8.0.0 [a] | Windows | F3FMihs | T000106WP-04 |
Interstage Application Server Enterprise Edition 8.0.1 [a] | Windows | F3FMihs | T000106WP-04 |
Interstage Application Server Standard-J Edition 8.0.1 [a] | Windows | F3FMihs | T000106WP-04 |
Interstage Application Server Web-J Edition 8.0.1 [a] | Windows | F3FMihs | T000106WP-04 |
Interstage Application Server Enterprise Edition 8.0.3 [a] | Windows | F3FMihs | T000106WP-04 |
Interstage Application Server Standard-J Edition 8.0.3 [a] | Windows | F3FMihs | T000106WP-04 |
Interstage Application Server Web-J Edition 8.0.3 [a] | Windows | F3FMihs | T000106WP-04 |
Interstage Application Server Enterprise Edition V9.0.0 [b] | Windows | F3FMihs | T001001WP-02 |
Interstage Application Server Standard-J Edition V9.0.0 [b] | Windows | F3FMihs | T001001WP-02 |
Interstage Application Server Enterprise Edition 5.0 [c] | Solaris | FJSVihs | 912327-11 |
Interstage Application Server Standard Edition 5.0 [c] | Solaris | FJSVihs | 912327-11 |
Interstage Application Server Web-J Edition 5.0 [c] | Solaris | FJSVihs | 912327-11 |
Interstage Application Server Enterprise Edition 5.0.1 [c] | Solaris | FJSVihs | 912499-09 |
Interstage Application Server Standard Edition 5.0.1 [c] | Solaris | FJSVihs | 912499-09 |
Interstage Application Server Web-J Edition 5.0.1 [c] | Solaris | FJSVihs | 912499-09 |
Interstage Application Server Enterprise Edition 5.1 [c] | Solaris | FJSVihs | 913075 |
Interstage Application Server Standard Edition 5.1 [c] | Solaris | FJSVihs | 913075 |
Interstage Application Server Web-J Edition 5.1 [c] | Solaris | FJSVihs | 913075 |
Interstage Application Server Plus 5.1 [c] | Solaris | FJSVihs | 913075 |
Interstage Application Server Enterprise Edition 5.1.1 [c] | Solaris | FJSVihs | 913075 |
Interstage Application Server Standard Edition 5.1.1 [c] | Solaris | FJSVihs | 913075 |
Interstage Application Server Web-J Edition 5.1.1 [c] | Solaris | FJSVihs | 913075 |
Interstage Application Server Plus 5.1.1 [c] | Solaris | FJSVihs | 913075 |
Interstage Application Server Enterprise Edition 6.0 [c] | Solaris | FJSVihs | T0103S-07 |
Interstage Application Server Standard Edition 6.0 [c] | Solaris | FJSVihs | T0103S-07 |
Interstage Application Server Web-J Edition 6.0 [c] | Solaris | FJSVihs | T0103S-07 |
Interstage Application Server Plus 6.0 [c] | Solaris | FJSVihs | T0103S-07 |
Interstage Application Server Enterprise Edition 6.0.1 [c] | Solaris | FJSVihs | T0138S-06 |
Interstage Application Server Standard Edition 6.0.1 [c] | Solaris | FJSVihs | T0138S-06 |
Interstage Application Server Web-J Edition 6.0.1 [c] | Solaris | FJSVihs | T0138S-06 |
Interstage Application Server Plus 6.0.1 [c] | Solaris | FJSVihs | T0138S-06 |
Interstage Application Server Enterprise Edition 6.0.2 [c] | Solaris | FJSVihs | T016RS-05 |
Interstage Application Server Standard Edition 6.0.2 [c] | Solaris | FJSVihs | T016RS-05 |
Interstage Application Server Web-J Edition 6.0.2 [c] | Solaris | FJSVihs | T016RS-05 |
Interstage Application Server Plus 6.0.2 [c] | Solaris | FJSVihs | T016RS-05 |
Interstage Application Server Enterprise Edition 7.0 [c] | Solaris | FJSVihs | T013RS-06 |
Interstage Application Server Standard Edition 7.0 [c] | Solaris | FJSVihs | T013RS-06 |
Interstage Application Server Web-J Edition 7.0 [c] | Solaris | FJSVihs | T013RS-06 |
Interstage Application Server Plus 7.0 [c] | Solaris | FJSVihs | T013RS-06 |
Interstage Application Server Enterprise Edition 7.0.1 [c] | Solaris | FJSVihs | T023AS-05 |
Interstage Application Server Standard Edition 7.0.1 [c] | Solaris | FJSVihs | T023AS-05 |
Interstage Application Server Web-J Edition 7.0.1 [c] | Solaris | FJSVihs | T023AS-05 |
Interstage Application Server Plus 7.0.1 [c] | Solaris | FJSVihs | T023AS-05 |
Interstage Application Server Enterprise Edition 8.0.0 [c] | Solaris | FJSVihs | T000180SP-04 |
Interstage Application Server Standard-J Edition 8.0.0 [c] | Solaris | FJSVihs | T000180SP-04 |
Interstage Application Server Web-J Edition 8.0.0 [c] | Solaris | FJSVihs | T000180SP-04 |
Interstage Application Server Enterprise Edition 8.0.3 [c] | Solaris | FJSVihs | T000180SP-04 |
Interstage Application Server Standard-J Edition 8.0.3 [c] | Solaris | FJSVihs | T000180SP-04 |
Interstage Application Server Web-J Edition 8.0.3 [c] | Solaris | FJSVihs | T000180SP-04 |
Interstage Application Server Enterprise Edition V9.0.0 [d] | Solaris | FJSVihs | T001004SP-04 |
Interstage Application Server Standard-J Edition V9.0.0 [d] | Solaris | FJSVihs | T001004SP-04 |
Interstage Application Server Enterprise Edition V5.0L10 [c] | Turbolinux 7 Server | FJSVihs | T00019-10 |
Interstage Application Server Standard Edition V5.0L10 [c] | Turbolinux 7 Server | FJSVihs | T00019-10 |
Interstage Application Server Web-J Edition V5.0L10 [c] | Turbolinux 7 Server | FJSVihs | T00019-10 |
Interstage Application Server Enterprise Edition V5.0L11 [c] | Turbolinux 7 Server/ RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVihs | T00034-09 |
Interstage Application Server Standard Edition V5.0L11 [c] | Turbolinux 7 Server/ RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVihs | T00034-09 |
Interstage Application Server Web-J Edition V5.0L11 [c] | Turbolinux 7 Server/ RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVihs | T00034-09 |
Interstage Application Server Enterprise Edition V5.0L20 [c] | Turbolinux 7 Server/ RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVihs | T00091-08 |
Interstage Application Server Standard Edition V5.0L20 [c] | Turbolinux 7 Server/ RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVihs | T00091-08 |
Interstage Application Server Web-J Edition V5.0L20 [c] | Turbolinux 7 Server/ Turbolinux 8 Server/ RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVihs | T00091-08 |
Interstage Application Server Plus V5.0L20 [c] | Turbolinux 7 Server/ RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVihs | T00091-08 |
Interstage Application Server Enterprise Edition V6.0L10 [c] | RHEL-AS3(x86)/ ES3(x86) | FJSVihs | T00258-07 |
Interstage Application Server Standard Edition V6.0L10 [c] | RHEL-AS3(x86)/ ES3(x86) | FJSVihs | T00258-07 |
Interstage Application Server Web-J Edition V6.0L10 [c] | RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVihs | T00258-07 |
Interstage Application Server Plus V6.0L10 [c] | RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVihs | T00258-07 |
Interstage Application Server Web-J Edition V6.0L11 [c] | RHEL-AS2.1(x86)/ ES2.1(x86)/ AS3(x86)/ ES3(x86) | FJSVihs | T00258-07 |
Interstage Application Server Plus V6.0L11 [c] | RHEL-AS2.1(x86)/ ES2.1(x86)/ AS3(x86)/ ES3(x86) | FJSVihs | T00258-07 |
Interstage Application Server Enterprise Edition V7.0L10 [c] | RHEL-AS3(x86)/ ES3(x86) | FJSVihs | T00603-05 |
Interstage Application Server Standard Edition V7.0L10 [c] | RHEL-AS3(x86)/ ES3(x86) | FJSVihs | T00603-05 |
Interstage Application Server Web-J Edition V7.0L10 [c] | RHEL-AS3(x86)/ ES3(x86) | FJSVihs | T00603-05 |
Interstage Application Server Plus V7.0L10 [c] | RHEL-AS3(x86)/ ES3(x86) | FJSVihs | T00603-05 |
Interstage Application Server Enterprise Edition V7.0L11 [c] | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVihs | T00603-05 |
Interstage Application Server Standard Edition V7.0L11 [c] | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVihs | T00603-05 |
Interstage Application Server Web-J Edition V7.0L11 [c] | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVihs | T00603-05 |
Interstage Application Server Plus V7.0L11 [c] | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVihs | T00603-05 |
Interstage Application Server Enterprise Edition 8.0.0 [c] | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T000181LP-03 |
Interstage Application Server Standard-J Edition 8.0.0 [c] | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T000181LP-03 |
Interstage Application Server Web-J Edition 8.0.0 [c] | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T000181LP-03 |
Interstage Application Server Enterprise Edition 8.0.3 [c] | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T000181LP-03 |
Interstage Application Server Standard-J Edition 8.0.3 [c] | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T000181LP-03 |
Interstage Application Server Web-J Edition 8.0.3 [c] | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T000181LP-03 |
Interstage Application Server Enterprise Edition V9.0.0 [d] | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T001003LP-02 |
Interstage Application Server Enterprise Edition V9.0.0 [d] | RHEL5(x86)/ RHEL5(Intel64) | FJSVihs | T001044LP-02 |
Interstage Application Server Standard-J Edition V9.0.0 [d] | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T001003LP-02 |
Interstage Application Server Standard-J Edition V9.0.0 [d] | RHEL5(x86)/ RHEL5(Intel64) | FJSVihs | T001044LP-02 |
Interstage Application Server Enterprise Edition V9.0.1 [d] | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T001003LP-02 |
Interstage Application Server Enterprise Edition V9.0.1 [d] | RHEL5(x86)/ RHEL5(Intel64) | FJSVihs | T001044LP-02 |
Interstage Application Server Standard-J Edition V9.0.1 [d] | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T001003LP-02 |
Interstage Application Server Standard-J Edition V9.0.1 [d] | RHEL5(x86)/ RHEL5(Intel64) | FJSVihs | T001044LP-02 |
Interstage Application Server Enterprise Edition V7.0L10 [c] | RHEL-AS4(IPF) | FJSVihs | T000178QP-03 |
Interstage Application Server Enterprise Edition 8.0.0 [c] | RHEL-AS4(IPF) | FJSVihs | T000179QP-03 |
Interstage Application Server Enterprise Edition 8.0.1 [c] | RHEL-AS4(IPF) | FJSVihs | T000179QP-03 |
Interstage Application Server Enterprise Edition 8.0.3 [c] | RHEL-AS4(IPF) | FJSVihs | T000179QP-03 |
Interstage Application Server Enterprise Edition V9.0.0 [d] | RHEL-AS4(IPF) | FJSVihs | T001002QP-02 |
Interstage Application Server Enterprise Edition V9.0.0 [d] | RHEL5(IPF) | FJSVihs | T001043QP-02 |
Interstage Application Server Standard-J Edition V9.0.0 [d] | RHEL-AS4(IPF) | FJSVihs | T001002QP-02 |
Interstage Application Server Standard-J Edition V9.0.0 [d] | RHEL5(IPF) | FJSVihs | T001043QP-02 |
Interstage Application Server Enterprise Edition 8.0.0 [a] | Windows(IPF) | F3FMihs | T001000IP-02 |
Interstage Application Server Enterprise Edition 8.0.3 [a] | Windows(IPF) | F3FMihs | T001000IP-02 |
Interstage Application Server Enterprise Edition V9.0.0 [b] | Windows(IPF) | F3FMihs | T001005IP-02 |
Interstage Application Server Standard-J Edition V9.0.0 [b] | Windows(IPF) | F3FMihs | T001005IP-02 |
製品名 | 対象OS | パッケージ名 | Patch ID |
---|---|---|---|
Interstage Web Server V9.0.0 [b] | Windows | F3FMihs | T001001WP-02 |
Interstage Web Server V9.0.0 [d] | Solaris | FJSVihs | T001004SP-04 |
Interstage Web Server V9.0.0 [d] | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T001003LP-02 |
Interstage Web Server V9.0.0 [d] | RHEL5(x86)/ RHEL5(Intel64) | FJSVihs | T001044LP-02 |
Interstage Web Server V9.0.1 [d] | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T001003LP-02 |
Interstage Web Server V9.0.1 [d] | RHEL5(x86)/ RHEL5(Intel64) | FJSVihs | T001044LP-02 |
製品名 | 対象OS | パッケージ名 | Patch ID |
---|---|---|---|
Interstage Application Framework Suite Enterprise Edition V6.0L10 [a] | Windows | F3FMihs | TP29823 |
Interstage Application Framework Suite Standard Edition V6.0L10 [a] | Windows | F3FMihs | TP29823 |
Interstage Application Framework Suite Web Edition V6.0L10 [a] | Windows | F3FMihs | TP29823 |
Interstage Application Framework Suite Web Edition V6.0L10A [a] | Windows | F3FMihs | TP29823 |
Interstage Application Framework Suite Enterprise Edition V6.0L10B [a] | Windows | F3FMihs | TP29823 |
Interstage Application Framework Suite Standard Edition V6.0L10B [a] | Windows | F3FMihs | TP29823 |
Interstage Application Framework Suite Web Edition V6.0L10B [a] | Windows | F3FMihs | TP29823 |
Interstage Application Framework Suite Enterprise Edition V6.0L10C [a] | Windows | F3FMihs | TP49823 |
Interstage Application Framework Suite Standard Edition V6.0L10C [a] | Windows | F3FMihs | TP49823 |
Interstage Application Framework Suite Web Edition V6.0L10C [a] | Windows | F3FMihs | TP49823 |
Interstage Application Framework Suite Standard Edition V7.0L10 [a] | Windows | F3FMihs | TP39823 |
Interstage Application Framework Suite Web Edition V7.0L10 [a] | Windows | F3FMihs | TP39823 |
Interstage Application Framework Suite Standard Edition V7.0L11 [a] | Windows | F3FMihs | TP39823 |
Interstage Application Framework Suite Web Edition V7.0L11 [a] | Windows | F3FMihs | TP39823 |
Interstage Application Framework Suite Enterprise Edition 6.0 [c] | Solaris | FJSVihs | T0103S-07 |
Interstage Application Framework Suite Standard Edition 6.0 [c] | Solaris | FJSVihs | T0103S-07 |
Interstage Application Framework Suite Web Edition 6.0 [c] | Solaris | FJSVihs | T0103S-07 |
Interstage Application Framework Suite Enterprise Edition 6.0.1 [c] | Solaris | FJSVihs | T0138S-06 |
Interstage Application Framework Suite Standard Edition 6.0.1 [c] | Solaris | FJSVihs | T0138S-06 |
Interstage Application Framework Suite Web Edition 6.0.1 [c] | Solaris | FJSVihs | T0138S-06 |
Interstage Application Framework Suite Enterprise Edition 6.0.2 [c] | Solaris | FJSVihs | T016RS-05 |
Interstage Application Framework Suite Standard Edition 6.0.2 [c] | Solaris | FJSVihs | T016RS-05 |
Interstage Application Framework Suite Web Edition 6.0.2 [c] | Solaris | FJSVihs | T016RS-05 |
Interstage Application Framework Suite Standard Edition 7.0 [c] | Solaris | FJSVihs | T013RS-06 |
Interstage Application Framework Suite Web Edition 7.0 [c] | Solaris | FJSVihs | T013RS-06 |
Interstage Application Framework Suite Enterprise Edition 7.0.1 [c] | Solaris | FJSVihs | T013RS-06 |
Interstage Application Framework Suite Standard Edition 7.0.2 [c] | Solaris | FJSVihs | T023AS-05 |
Interstage Application Framework Suite Web Edition 7.0.2 [c] | Solaris | FJSVihs | T023AS-05 |
Interstage Application Framework Suite Enterprise Edition V6.0L10 [c] | RHEL-AS3(x86)/ ES3(x86) | FJSVihs | T00258-07 |
Interstage Application Framework Suite Standard Edition V6.0L10 [c] | RHEL-AS3(x86)/ ES3(x86) | FJSVihs | T00258-07 |
Interstage Application Framework Suite Web Edition V6.0L10 [c] | RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVihs | T00258-07 |
Interstage Application Framework Suite Web Edition V6.0L11 [c] | RHEL-AS2.1(x86)/ ES2.1(x86)/ AS3(x86)/ ES3(x86) | FJSVihs | T00258-07 |
Interstage Application Framework Suite Standard Edition V7.0L10 [c] | RHEL-AS3(x86)/ ES3(x86) | FJSVihs | T00603-05 |
Interstage Application Framework Suite Web Edition V7.0L10 [c] | RHEL-AS3(x86)/ ES3(x86) | FJSVihs | T00603-05 |
Interstage Application Framework Suite Standard Edition V7.0L11 [c] | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVihs | T00603-05 |
Interstage Application Framework Suite Web Edition V7.0L11 [c] | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVihs | T00603-05 |
製品名 | 対象OS | パッケージ名 | Patch ID |
---|---|---|---|
Interstage Apworks Enterprise Edition V6.0L10 [a] | Windows | F3FMihs | TP29823 |
Interstage Apworks Standard Edition V6.0L10 [a] | Windows | F3FMihs | TP29823 |
Interstage Apworks Modelers-J Edition V6.0L10 [a] | Windows | F3FMihs | TP29823 |
Interstage Apworks Enterprise Edition V6.0L10A [a] | Windows | F3FMihs | TP29823 |
Interstage Apworks Standard Edition V6.0L10A [a] | Windows | F3FMihs | TP29823 |
Interstage Apworks Modelers-J Edition V6.0L10A [a] | Windows | F3FMihs | TP29823 |
Interstage Apworks Enterprise Edition V6.0L10B [a] | Windows | F3FMihs | TP29823 |
Interstage Apworks Enterprise Edition V7.0L10 [a] | Windows | F3FMihs | TP39823 |
Interstage Apworks Standard Edition V7.0L10 [a] | Windows | F3FMihs | TP39823 |
Interstage Apworks Modelers-J Edition V7.0L10 [a] | Windows | F3FMihs | TP39823 |
Interstage Apworks Enterprise Edition 8.0.0 [a] | Windows | F3FMihs | T000106WP-04 |
Interstage Apworks Standard-J Edition 8.0.1 [a] | Windows | F3FMihs | T000106WP-04 |
Interstage Apworks Enterprise Edition 8.1.0 [a] | Windows | F3FMihs | T000106WP-04 |
製品名 | 対象OS | パッケージ名 | Patch ID |
---|---|---|---|
Interstage Studio Enterprise Edition V9.0.0 [b] | Windows | F3FMihs | T001001WP-02 |
Interstage Studio Standard-J Edition V9.0.0 [b] | Windows | F3FMihs | T001001WP-02 |
Interstage Studio with UML Modeling Tool V9.0.0 [b] | Windows | F3FMihs | T001001WP-02 |
Interstage Studio Enterprise Edition V9.0.0A [b] | Windows | F3FMihs | T001001WP-02 |
Interstage Studio Standard-J Edition V9.0.0A [b] | Windows | F3FMihs | T001001WP-02 |
Interstage Studio Enterprise Edition V9.0.1 [b] | Windows | F3FMihs | T001001WP-02 |
Interstage Studio Standard-J Edition V9.0.1 [b] | Windows | F3FMihs | T001001WP-02 |
製品名 | 対象OS | パッケージ名 | Patch ID |
---|---|---|---|
Interstage Business Application Server Standard Edition 8.0.0 [a] | Windows | F3FMihs | T000106WP-04 |
Interstage Business Application Server Standard Edition 8.0.1 [a] | Windows | F3FMihs | T000106WP-04 |
Interstage Business Application Server Enterprise Edition 7.0 [c] | Solaris | FJSVihs | T013RS-06 |
Interstage Business Application Server Enterprise Edition 7.0.1 [c] | Solaris | FJSVihs | T013RS-06 |
Interstage Business Application Server Enterprise Edition 8.0.0 [c] | Solaris | FJSVihs | T000180SP-04 |
Interstage Business Application Server Standard Edition 8.0.0 [c] | Solaris | FJSVihs | T000180SP-04 |
Interstage Business Application Server Enterprise Edition 8.0.1 [c] | Solaris | FJSVihs | T000180SP-04 |
Interstage Business Application Server Standard Edition 8.0.0 [c] | RHEL-AS4(x86)/ AS4(EM64T) | FJSVihs | T000181LP-03 |
Interstage Business Application Server Enterprise Edition 8.0.0 [c] | RHEL-AS4(IPF) | FJSVihs | T000179QP-03 |
Interstage Business Application Server Standard Edition 8.0.0 [c] | RHEL-AS4(IPF) | FJSVihs | T000179QP-03 |
Interstage Business Application Server Enterprise Edition 8.0.1 [c] | RHEL-AS4(IPF) | FJSVihs | T000179QP-03 |
Interstage Business Application Server Standard Edition 8.0.1 [c] | RHEL-AS4(IPF) | FJSVihs | T000179QP-03 |
製品名 | 対象OS | パッケージ名 | Patch ID |
---|---|---|---|
Interstage Job Workload Server 8.1.1 [c] | Solaris | FJSVihs | T000180SP-04 |
Interstage Job Workload Server 8.0.0 [c] | RHEL-AS4(IPF) | FJSVihs | T000179QP-03 |
Interstage Job Workload Server 8.0.1 [c] | RHEL-AS4(IPF) | FJSVihs | T000179QP-03 |
Interstage Job Workload Server 8.1.0 [c] | RHEL-AS4(IPF) | FJSVihs | T000179QP-03 |
Interstage Job Workload Server 8.1.1 [c] | RHEL-AS4(IPF) | FJSVihs | T000179QP-03 |
製品名 | 対象OS | パッケージ名 | Patch ID |
---|---|---|---|
Systemwalker Resource Coordinator 12.1 [c] | Solaris | FJSVihs | T013RS-06 |
Systemwalker Resource Coordinator 12.2 [c] | Solaris | FJSVihs | T023AS-05 |
Systemwalker Resource Coordinator V12.0L20 [c] | RHEL-AS3(x86)/ ES3(x86) | FJSVihs | T00603-05 |
Systemwalker Resource Coordinator V12.0L30 [c] | RHEL-AS3(x86)/ ES3(x86) | FJSVihs | T00603-05 |
参考: 該当製品の確認方法
製品のバージョンを確認するには、製品に添付の「ソフトウェア説明書」を参照してください。
3-3. 回避方法
以下のいずれかの方法で、環境定義ファイル(httpd.conf)を編集し、回避してください。編集後は、Interstage HTTP Serverを再起動する必要があります。
(1) | AddHandlerディレクティブに"imap-file 拡張子"が設定されている場合は、 AddHandlerディレクティブを削除するか、または先頭にハッシュマーク(#)を追加してコメント行にすることで、イメージマップ機能を無効にします。
#AddHandler imap-file .map |
(2) | (1)が不可の場合、ImapMenuディレクティブに"none"を指定して、イメージマップ機能によるメニュー表示を無効にします。
ImapMenu none |
(3) | (1) (2) いずれも不可の場合、以下を設定することで、メニュー表示ページの文字エンコードを明示し、またマップファイルに対する不適切な指定を拒否します。
|
4. 関連情報
- CVE-2007-5000
Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 - JVN#80057925
「Apache HTTP Server の mod_imap および mod_imagemap におけるクロスサイトスク リプティングの脆弱性」
http://jvn.jp/jp/JVN80057925/index.html
5. 改版履歴
- 2008年12月17日
- 「3. 該当システム・パッチ情報」に Patch 情報 を追加
- 「参考: 該当製品の確認方法」を記載
- 2008年1月17日 新規掲載