Sun Java System Application Server and Web Server 7.0 through 9.0 before 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3716.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2007-07-11T23:00:00
Updated: 2024-08-07T14:28:51.968Z
Reserved: 2007-07-11T00:00:00
Link: CVE-2007-3715
Vulnrichment
No data.
NVD
Status : Modified
Published: 2007-07-11T23:30:00.000
Modified: 2024-11-21T00:33:53.630
Link: CVE-2007-3715
Redhat
No data.