CVE-2007-3715
published 2007-07-11CVE-2007-3715: Sun Java System Application Server and Web Server 7.0 through 9.0 before 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML…
critical9.3CVSS 3.1
AVNACMAuNCCICAC
Sun Java System Application Server and Web Server 7.0 through 9.0 before 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3716.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sun | java_system_access_manager | — | — |
| sun | java_system_access_manager | — | — |
| sun | java_system_access_manager | — | — |
| sun | java_system_application_server | — | — |
| sun | java_system_application_server | — | — |
| sun | java_system_identity_server | — | — |
| sun | java_system_identity_server | — | — |
| sun | java_system_portal_server | — | — |
| sun | java_system_web_server | — | — |
| sun | jdk | <= 6 | — |
| sun | jre | <= 6 | — |