CVE-2007-4760 - Vulnerability Details

The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hitachi	Ucosminexus Application Server Enterprise Ucosminexus Application Server Standard Ucosminexus Developer Standard Ucosminexus Service Platform

Configuration 1 [-]

OR	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00::aix:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00::hpux_ipf:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00::linux:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00::solaris:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00_01::linux:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00_01::solaris:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00_01::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00_02::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00_03::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10::aix:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10::hpux:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10::hpux_ipf:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10::linux:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10::linux_ipf:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10_01::hpux_ipf:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10_01::linux_ipf:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10_01::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:7_20::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:7_20_01::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00::aix:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00::hpux_ipf:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00::linux:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00::solaris:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00_01::hpux_ipf:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00_01::liniux:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00_01::solaris:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00_01::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00_02::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00_03::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10::aix:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10::hpux:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10::hpux_ipf:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10::linux:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10::linux_ipf:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:7_10_01::hpux_ipf:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:7_10_01::linux_ipf:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:7_10_01::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:7_20::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_application_server_standard:7_20_01::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_00::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_00_01::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_00_02::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_00_03::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_10::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_10_01::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_20::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_20_01::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_50::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00::linux:::::
	cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00_01::linux:::::
	cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00_01::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00_02::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00_03::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10::linux:::::
	cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10::linux_ipf:::::
	cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10_01::linux_ipf:::::
	cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10_01::windows:::::
	cpe:2.3:a:hitachi:ucosminexus_service_platform:07_20::windows:::::
cpe:2.3:a:hitachi:ucosminexus_service_platform:7_20_01::windows:::::

No data.

References

Link	Providers
http://secunia.com/advisories/26671
http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html
http://www.securityfocus.com/bid/25518
http://www.vupen.com/english/advisories/2007/3033
https://exchange.xforce.ibmcloud.com/vulnerabilities/36393

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-09-08T10:00:00

Updated: 2024-08-07T15:08:33.813Z

Reserved: 2007-09-07T00:00:00

Link: CVE-2007-4760

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-09-08T10:17:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-4760

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-08-31T00:00:00", "descriptions": [{"lang": "en", "value": "The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2007-3033", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3033"}, {"name": "26671", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26671"}, {"name": "hitachi-javadoc-xss(36393)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36393"}, {"name": "25518", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25518"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-4760", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2007-3033", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3033"}, {"name": "26671", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26671"}, {"name": "hitachi-javadoc-xss(36393)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36393"}, {"name": "25518", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25518"}, {"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html", "refsource": "CONFIRM", "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:08:33.813Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2007-3033", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/3033"}, {"name": "26671", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26671"}, {"name": "hitachi-javadoc-xss(36393)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36393"}, {"name": "25518", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/25518"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4760", "datePublished": "2007-09-08T10:00:00", "dateReserved": "2007-09-07T00:00:00", "dateUpdated": "2024-08-07T15:08:33.813Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:aix:*:*:*:*:*", "matchCriteriaId": "F6FE70C8-749C-40A0-B087-14FDB6097CD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:hpux_ipf:*:*:*:*:*", "matchCriteriaId": "2FE5D346-61E9-489B-9529-AA559E111DCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:linux:*:*:*:*:*", "matchCriteriaId": "E0E60F8E-0116-4215-8E52-1A663ECB834B", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:solaris:*:*:*:*:*", "matchCriteriaId": "4FAC97A3-04E7-425C-AD8F-B75838E975FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:windows:*:*:*:*:*", "matchCriteriaId": "5A9DA03E-0164-465C-A819-E3AA7A0ECD89", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00_01:*:linux:*:*:*:*:*", "matchCriteriaId": "F2FB1026-648E-4FF0-AE95-F5D3115CA67F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00_01:*:solaris:*:*:*:*:*", "matchCriteriaId": "3B1FFC3F-0948-446F-8539-D6362377DBFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00_01:*:windows:*:*:*:*:*", "matchCriteriaId": "2921E3C5-EF08-4612-B72E-7DABC0A8142E", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00_02:*:windows:*:*:*:*:*", "matchCriteriaId": "BD3A10B2-C904-45FD-9DAE-30DC00FA7326", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00_03:*:windows:*:*:*:*:*", "matchCriteriaId": "F6D8E1AA-B2CA-4029-8F25-35EEB0F15891", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:aix:*:*:*:*:*", "matchCriteriaId": "48E93BDB-BB6D-4D1C-B3DD-3518E045F753", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:hpux:*:*:*:*:*", "matchCriteriaId": "82648C13-1D91-4C4C-A17B-64BCC5A24147", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:hpux_ipf:*:*:*:*:*", "matchCriteriaId": "12382EE9-4D34-4724-9023-5F6C48944F4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:linux:*:*:*:*:*", "matchCriteriaId": "8453ECF8-9419-4AD3-9541-B362FA58E4E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:linux_ipf:*:*:*:*:*", "matchCriteriaId": "B0316DD8-E2EB-4953-96BC-894B87D6C815", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:windows:*:*:*:*:*", "matchCriteriaId": "CD5BC0AF-7872-4FC3-91CE-78EB0AF481F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10_01:*:hpux_ipf:*:*:*:*:*", "matchCriteriaId": "4103CEB4-1EAD-4359-A519-A90DC885ABDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10_01:*:linux_ipf:*:*:*:*:*", "matchCriteriaId": "803D406B-49B9-45C5-AA8E-86ACD1A7D5D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10_01:*:windows:*:*:*:*:*", "matchCriteriaId": "0F715E02-BCFE-46E9-B3EC-53A3B9207426", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:7_20:*:windows:*:*:*:*:*", "matchCriteriaId": "B64A3CE1-C2DC-470C-BDFB-2242C3A5614D", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:7_20_01:*:windows:*:*:*:*:*", "matchCriteriaId": "DFB8F345-6CA2-45FF-B583-BABB75A7947D", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:aix:*:*:*:*:*", "matchCriteriaId": "1F7055A9-7A8A-4EB0-B202-220825B3FBEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:hpux_ipf:*:*:*:*:*", "matchCriteriaId": "4919D1DA-37C9-4C18-8F5B-C0BC6F6915D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:linux:*:*:*:*:*", "matchCriteriaId": "20ED59C6-CD06-4FE1-A484-A7E642F33AFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:solaris:*:*:*:*:*", "matchCriteriaId": "58266C54-32FE-4E5D-94A8-4291A87208EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:windows:*:*:*:*:*", "matchCriteriaId": "F7043AE7-5CB7-4A64-B4FA-DE4A9C393146", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00_01:*:hpux_ipf:*:*:*:*:*", "matchCriteriaId": "5320D21A-C58E-47ED-8F7D-563F5A8E97CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00_01:*:liniux:*:*:*:*:*", "matchCriteriaId": "253875EB-69D3-4D64-926A-71108AAF347F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00_01:*:solaris:*:*:*:*:*", "matchCriteriaId": "9535228E-72D4-4779-9A31-6F82D2B84B01", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00_01:*:windows:*:*:*:*:*", "matchCriteriaId": "5FBAAC3A-A4BD-4C12-85E4-D1535E7702BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00_02:*:windows:*:*:*:*:*", "matchCriteriaId": "03E3C4E7-975C-4377-B2A7-EB5EB19F3C0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00_03:*:windows:*:*:*:*:*", "matchCriteriaId": "A8A86ABB-0383-4C45-9E97-BB4DCC5CCE66", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:aix:*:*:*:*:*", "matchCriteriaId": "E24A1554-C2AB-4931-8D27-9225EFE7B6C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:hpux:*:*:*:*:*", "matchCriteriaId": "930CA326-7B3E-4C46-8DD1-CB17CD0CC5FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:hpux_ipf:*:*:*:*:*", "matchCriteriaId": "6511A0F9-6B01-49E1-8693-B6EC044DDB3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:linux:*:*:*:*:*", "matchCriteriaId": "0E5A504F-C4B1-44EC-A7AC-8690CF925B0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:linux_ipf:*:*:*:*:*", "matchCriteriaId": "84BE463B-0A3E-477C-B912-966625887D65", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:windows:*:*:*:*:*", "matchCriteriaId": "C4A7C88F-8B18-4D58-AC37-90E2AE658AEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:7_10_01:*:hpux_ipf:*:*:*:*:*", "matchCriteriaId": "317A5BF8-0663-4D1A-8172-B90B962E0466", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:7_10_01:*:linux_ipf:*:*:*:*:*", "matchCriteriaId": "C5DF4BB1-43AE-4743-9F06-43B643D33EEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:7_10_01:*:windows:*:*:*:*:*", "matchCriteriaId": "42A988DB-2BA0-45B2-872C-D2A29CEA9FBE", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:7_20:*:windows:*:*:*:*:*", "matchCriteriaId": "6C6D711C-6F5F-436E-BF01-E26864A5E887", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:7_20_01:*:windows:*:*:*:*:*", "matchCriteriaId": "50F294FD-E70E-481A-809C-650320FEB9FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_00:*:windows:*:*:*:*:*", "matchCriteriaId": "BCF9F6C9-B3C5-4295-B354-270F291B621B", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_00_01:*:windows:*:*:*:*:*", "matchCriteriaId": "903ACB08-1A37-4096-95B5-7939D5F207F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_00_02:*:windows:*:*:*:*:*", "matchCriteriaId": "80F447C5-3540-4D0C-8C16-B59CB705306C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_00_03:*:windows:*:*:*:*:*", "matchCriteriaId": "2701E4A8-A967-49F3-A1C5-3A104DFDEA8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_10:*:windows:*:*:*:*:*", "matchCriteriaId": "7405A067-D7EC-42EF-967B-5A383B995A59", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_10_01:*:windows:*:*:*:*:*", "matchCriteriaId": "8ACA481B-77D3-4A72-874A-379FC705F440", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_20:*:windows:*:*:*:*:*", "matchCriteriaId": "B26B96FC-F166-40B1-83E4-6B468DAADB43", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_20_01:*:windows:*:*:*:*:*", "matchCriteriaId": "05A10AC6-7F74-4755-9E41-36F41B49D6D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_standard:07_50:*:windows:*:*:*:*:*", "matchCriteriaId": "1DD1DAF5-B116-4F0D-A6FA-8400E40C4004", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00:*:linux:*:*:*:*:*", "matchCriteriaId": "0CADDEE7-D529-4644-9A5F-6235AD072CCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00:*:windows:*:*:*:*:*", "matchCriteriaId": "665CBCC5-7598-47C1-97F7-8FDF1A67E98F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00_01:*:linux:*:*:*:*:*", "matchCriteriaId": "A823185B-DB4D-4076-9B41-5C0736C39EBE", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00_01:*:windows:*:*:*:*:*", "matchCriteriaId": "7EF49ED1-F86B-4F29-AC16-BDA1AEDD6FA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00_02:*:windows:*:*:*:*:*", "matchCriteriaId": "C0B5CCBA-6DAE-4F4A-8113-536D2DD1A2D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00_03:*:windows:*:*:*:*:*", "matchCriteriaId": "6F95EE9A-7567-45D4-8730-EC4F6D8FA540", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10:*:linux:*:*:*:*:*", "matchCriteriaId": "CED6A3B7-F58D-47BE-81DB-59AC0DFC7F41", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10:*:linux_ipf:*:*:*:*:*", "matchCriteriaId": "5B35D672-2560-4783-A74E-9FBDE3059A47", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10:*:windows:*:*:*:*:*", "matchCriteriaId": "E56AD9B5-404C-4B36-B625-15A69336B697", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10_01:*:linux_ipf:*:*:*:*:*", "matchCriteriaId": "4027CD44-E1E5-4CA3-AC5F-41A4B21B74AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10_01:*:windows:*:*:*:*:*", "matchCriteriaId": "FC4633F6-5779-4196-B8AF-C3DD4089D43B", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_20:*:windows:*:*:*:*:*", "matchCriteriaId": "C7FB7277-F1D3-4492-9CB2-95E0E8D3FACF", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:7_20_01:*:windows:*:*:*:*:*", "matchCriteriaId": "B5B8AA9F-4D66-4A33-AF2C-95AAAEE2E917", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503."}, {"lang": "es", "value": "La herramienta javadoc del Kit para Java: Cosminexus Developer's de Cosminexus 7 y 7.5 puede generar documentos HTML que contienen vulnerabilidades de secuencias de comandos en sitios cruzados (XSS), lo cual permite a atacantes remotos inyectar scripts web o HTML de su elecci\u00f3n mediante vectores no especificados.\r\nNOTA: esto es probablemente id\u00e9ntico a CVE-2007-3503."}], "id": "CVE-2007-4760", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2007-09-08T10:17:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/26671"}, {"source": "cve@mitre.org", "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/25518"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/3033"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36393"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/26671"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/25518"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3033"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36393"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object