CVE-2007-3716
published 2007-07-11CVE-2007-3716: The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly process XSLT stylesheets in XSLT transforms in XML…
critical9.3CVSS 3.1
AVNACMAuNCCICAC
The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-2007-3715.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sun | java_system_access_manager | — | — |
| sun | java_system_access_manager | — | — |
| sun | java_system_access_manager | — | — |
| sun | java_system_application_server | — | — |
| sun | java_system_application_server | — | — |
| sun | java_system_identity_server | — | — |
| sun | java_system_identity_server | — | — |
| sun | java_system_web_server | — | — |
| sun | jdk | <= 6 | — |
| sun | jre | <= 6 | — |