APAR status
Closed as program error.
Error description
When running a scan against the demo.testfire.net site, we are not finding the DOM-based XSS issue.
Local fix
Problem summary
USERS AFFECTED:
PROBLEM DESCRIPTION:
RECOMMENDATION:
DOM XSS False Negative on Altoro
Identified that the DOM XSS false negative was caused by PCRE matching empty regexes against everything. We already had a performance bug with KX caused by the same PCRE behavior (17260). A check was added to always return false if the regex is empty, and we can now find the DOM XSS. The root cause is that an incorrect regular expression match for an empty regex causes false negatives (this addresses DOM XSS, Query XPath and Windows File Parameter alteration).
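As an added illustration, not code from the APAR or from AppScan, the Python snippet below reproduces the behaviour the summary describes: an empty pattern matches every input (Python's re module treats "" the same way PCRE does), and the guard that returns false for an empty regex removes the spurious match. The rule table, the rule names and the load-time check are constructed assumptions; the record does not say how the match result feeds the scanner's verdict.

```python
import re

# Constructed rule table, standing in for the pattern set a scanner loads from
# configuration. "blank-rule" has an empty pattern, the condition the APAR describes.
RULES = {
    "reflected-script": r"<script>alert\(",
    "reflected-onerror": r"onerror\s*=",
    "blank-rule": "",
}


def naive_match(pattern: str, text: str) -> bool:
    """Unguarded search: like PCRE, Python's re treats "" as a pattern that
    matches the empty string at position 0, so it matches every input."""
    return re.search(pattern, text) is not None


def guarded_match(pattern: str, text: str) -> bool:
    """The guard described in the APAR: an empty pattern never matches."""
    if not pattern:
        return False
    return re.search(pattern, text) is not None


def matching_rules(text: str, matcher=guarded_match) -> list:
    """Names of the rules whose pattern matches `text`, in sorted order."""
    return sorted(name for name, pattern in RULES.items() if matcher(pattern, text))


def empty_patterns(rules: dict) -> list:
    """Load-time check (an assumption, not part of the record): re.compile("")
    succeeds silently, so blank patterns must be caught explicitly. Returns the
    names of rules whose pattern is empty."""
    return sorted(name for name, pattern in rules.items() if not pattern)


if __name__ == "__main__":
    benign = "<p>Welcome to the demo bank</p>"
    reflected = '<img src=x onerror="alert(1)">'
    print(matching_rules(benign, naive_match))  # ['blank-rule']  (the empty regex matched)
    print(matching_rules(benign))               # []
    print(matching_rules(reflected))            # ['reflected-onerror']
    print(empty_patterns(RULES))                # ['blank-rule']
```

The runtime guard is the fix the APAR names; the load-time check is a second line of defence that catches a blank pattern when the rule set is read, before it can affect any scan result.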
Problem conclusion
Fixed in release Rational AppScan Enterprise Edition 8.0 iFix 001.
Temporary fix
Comments
APAR Information
APAR number
PM25565
Reported component name
RATL APPSCAN EE
Reported component ID
5724T5200
Reported release
560
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2010-10-29
Closed date
2010-12-03
Last modified date
2010-12-03
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
RATL APPSCAN EE
Fixed component ID
5724T5200
Applicable component levels
R560 PSN
UP
Document Information
Modified date:
03 December 2010