Published:2010/05/17 Last Updated:2015/10/21
JVN#90248889
Interstage Application Server vulnerable in request processing
Overview
The Servlet service provided by the Interstage Application Server from Fujitsu Limited, contains a vulnerability where certain requests are not processed properly.
Products Affected
- Interstage Application Framework Suite
- Interstage Application Server
- Interstage Business Application Server
- Interstage List Manager
Description
The Servlet service provided by the Interstage Application Server from Fujitsu Limited, contains a vulnerability where certain requests may be handled improperly depending on the settings at the load balancing device.
Impact
Invalid requests may be processed or user information may be leaked.
According to the developer, the impact of this vulnerability depends on the implementation of the web application.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE |
CVE-2010-1942 |
| JVN iPedia |
JVNDB-2010-000018 |
Update History
- 2015/10/21
- FUJITSU LIMITED update status