HIGH🇵🇱 Wersja polska

CVE-2007-3715

CVSS 9.3v2.0pub. 2007-07-11upd. 2026-04-23

Sun Java System Application Server and Web Server 7.0 through 9.0 before 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3716.

CVSS Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
  • Sun Java System Application Server

    APP
    Sun
    8.29.0
  • Sun Java System Web Server

    APP
    Sun
    7.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2011-0807HIGH10.0ten sam produkt

Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System...

CVE-2010-0388HIGH7.5ten sam produkt

Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update ...

CVE-2010-0387HIGH7.5ten sam produkt

Multiple heap-based buffer overflows in (1) webservd and (2) the admin server in Sun Java System Web Server 7....

CVE-2010-0386HIGH8.1ten sam produkt

The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, ...

CVE-2010-0361HIGH10.0ten sam produkt

Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server (aka SJWS) ...