Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 11/07/2007 Updated: 15/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Subscribe to Java System Application Server

Sun Java System Application Server and Web Server 7.0 up to and including 9.0 prior to 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent malicious users to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3716.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun java system application server 8.2
sun java system application server 9.0
sun java system web server 7.0

CWE-20 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102992-1 http://www.securityfocus.com/bid/24850 http://secunia.com/advisories/26023 http://www.isecpartners.com/advisories/2007-04-dsig.txt http://www.isecpartners.com/files/XMLDSIG_Command_Injection.pdf http://sunsolve.sun.com/search/document.do?assetkey=1-66-200054-1 http://osvdb.org/37248 http://www.vupen.com/english/advisories/2007/2785 http://www.vupen.com/english/advisories/2007/2493 https://exchange.xforce.ibmcloud.com/vulnerabilities/35335 http://www.securityfocus.com/archive/1/473553/100/0/threaded http://www.securityfocus.com/archive/1/473552/100/0/threaded https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-3715

Vulnerability Summary

References

Vulmon Search

About

Products

Connect