Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4760

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-4760
Last Modified 07 Mar 2011 09:59:08
Published 08 Sep 2007 06:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4760

Summary

The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503.

Vulnerable Systems

Application

  • Hitachi Ucosminexus Application Server Enterprise 07 00

  • Hitachi Ucosminexus Application Server Enterprise 07 00 01

  • Hitachi Ucosminexus Application Server Enterprise 07 00 02

  • Hitachi Ucosminexus Application Server Enterprise 07 00 03

  • Hitachi Ucosminexus Application Server Enterprise 07 10

  • Hitachi Ucosminexus Application Server Enterprise 07 10 01

  • Hitachi Ucosminexus Application Server Enterprise 7 20

  • Hitachi Ucosminexus Application Server Enterprise 7 20 01

  • Hitachi Ucosminexus Application Server Standard 07 00

  • Hitachi Ucosminexus Application Server Standard 07 00 01

  • Hitachi Ucosminexus Application Server Standard 07 00 02

  • Hitachi Ucosminexus Application Server Standard 07 00 03

  • Hitachi Ucosminexus Application Server Standard 07 10

  • Hitachi Ucosminexus Application Server Standard 7 10 01

  • Hitachi Ucosminexus Application Server Standard 7 20

  • Hitachi Ucosminexus Application Server Standard 7 20 01

  • Hitachi Ucosminexus Developer Standard 07 00

  • Hitachi Ucosminexus Developer Standard 07 00 01

  • Hitachi Ucosminexus Developer Standard 07 00 02

  • Hitachi Ucosminexus Developer Standard 07 00 03

  • Hitachi Ucosminexus Developer Standard 07 10

  • Hitachi Ucosminexus Developer Standard 07 10 01

  • Hitachi Ucosminexus Developer Standard 07 20

  • Hitachi Ucosminexus Developer Standard 07 20 01

  • Hitachi Ucosminexus Developer Standard 07 50

  • Hitachi Ucosminexus Service Platform 07 00

  • Hitachi Ucosminexus Service Platform 07 00 01

  • Hitachi Ucosminexus Service Platform 07 00 02

  • Hitachi Ucosminexus Service Platform 07 00 03

  • Hitachi Ucosminexus Service Platform 07 10

  • Hitachi Ucosminexus Service Platform 07 10 01

  • Hitachi Ucosminexus Service Platform 07 20

  • Hitachi Ucosminexus Service Platform 7 20 01


References

SECUNIA - 26671

XF - hitachi-javadoc-xss(36393)

VUPEN - ADV-2007-3033

BID - 25518

CONFIRM - http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html


Last Updated: 27 May 2016 10:45:57