Sun Java System Application Server and Web Server 7.0 up to and including 9.0 prior to 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent malicious users to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3716.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun java system application server 8.2 |
||
sun java system application server 9.0 |
||
sun java system web server 7.0 |