Madrid, January 2, 2006 - Hitachi (*) has reported several security problems in Hitachi Business Logic, which can be exploited to carry out Cross-site Scripting and SQL Injection attacks.
The vulnerabilities affect versions 01-00 to 02-06 of Hitachi Business Logic for Windows and versions 01-01 to 02-00 for AIX. The flaws lie in some input forms that do not correctly validate entered data before displaying it back to the user. An attacker can exploit this to run arbitrary script and HTML code in the user's browser in the security context of the affected site. It can also be used to inject arbitrary HTTP headers that will be included in the response sent to the user.
A similar problem exists in some input forms that do not correctly validate entered data before using it in SQL queries. This vulnerability can be used to manipulate SQL queries and inject arbitrary SQL code.
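The three input-handling flaws described above, each beside its defence, as an added example that is not Hitachi's code and not part of the original advisory. The `orders` table, the field names and the sample inputs are constructed, and Python with `sqlite3` stands in for the product's stack, which the advisory does not describe.

```python
import html
import sqlite3


def render_echo(value: str) -> str:
    """Re-display submitted form data with HTML metacharacters encoded."""
    return '<input name="customer" value="' + html.escape(value, quote=True) + '">'


def safe_header_value(value: str) -> str:
    """Reject CR/LF so form data cannot start a new response header."""
    if "\r" in value or "\n" in value:
        raise ValueError("CR/LF not allowed in a header value")
    return value


def find_orders_unsafe(db, customer):
    """Flawed pattern: the form value is concatenated into the SQL text."""
    sql = "SELECT id, item FROM orders WHERE customer = '" + customer + "' ORDER BY id"
    return db.execute(sql).fetchall()


def find_orders(db, customer):
    """Corrected pattern: the form value is bound as a parameter."""
    sql = "SELECT id, item FROM orders WHERE customer = ? ORDER BY id"
    return db.execute(sql, (customer,)).fetchall()


def make_db():
    """Constructed sample data (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (id INTEGER PRIMARY KEY, customer TEXT, item TEXT)")
    db.executemany("INSERT INTO orders (customer, item) VALUES (?, ?)",
                   [("alice", "printer"), ("bob", "toner")])
    return db


if __name__ == "__main__":
    db = make_db()
    probe = "' OR '1'='1"                      # constructed form input
    print("concatenated:", find_orders_unsafe(db, probe))  # every row comes back
    print("parameterized:", find_orders(db, probe))        # no row matches
    print(render_echo('"><script>alert(1)</script>'))      # markup is encoded
    try:
        safe_header_value("en\r\nSet-Cookie: sid=1")
    except ValueError as exc:
        print("header rejected:", exc)
```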
Windows users that could be affected by these vulnerabilities are advised to install version 03-00 of Hitachi Business Logic. Users of AIX platforms should contact the Hitachi support service.
(*) The information released by Hitachi is available at:
http://www.hitachi-support.com/security_e/vuls_e/HS05-025_e/01-e.html
Oxygen3 24h-365d
by Panda Software