Sun Java System Application Server and Web Server 7.0 through 9.0 before 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3716.
oryginał ENAV:N/AC:M/Au:N/C:C/I:C/A:CSun Java System Application Server
APPSun8.29.0Sun Java System Web Server
APPSun7.0
Powiązane podatności
Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System...
Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update ...
Multiple heap-based buffer overflows in (1) webservd and (2) the admin server in Sun Java System Web Server 7....
The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, ...
Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server (aka SJWS) ...