Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5809

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-5809
Last Modified 07 Mar 2011 10:01:20
Published 05 Nov 2007 12:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5809

Summary

Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page.

Vulnerable Systems

Application

  • Hitachi Cosminexus Application Server Enterprise 06 51 J

  • Hitachi Cosminexus Application Server Standard 06 51 J

  • Hitachi Cosminexus Developer Light Version 6 06 51 J

  • Hitachi Cosminexus Developer Professional Version 6 06 51 J

  • Hitachi Cosminexus Developer Standard Version 6 06 51 J

  • Hitachi Cosminexus Server 04 01

  • Hitachi Ucosminexus Application Server Enterprise 07 50 01

  • Hitachi Ucosminexus Application Server Standard 07 50 01

  • Hitachi Ucosminexus Developer Light 06 71 D

  • Hitachi Ucosminexus Developer Professional 07 50 01

  • Hitachi Ucosminexus Developer Standard 07 50 01

  • Hitachi Ucosminexus Service Architect 07 50 01

  • Hitachi Ucosminexus Service Platform 07 50 01

  • Hitachi Web Server 01 00

  • Hitachi Web Server 01 01

  • Hitachi Web Server 01 01 D

  • Hitachi Web Server 01 02 D

  • Hitachi Web Server 01 02 E

  • Hitachi Web Server 02 00

  • Hitachi Web Server 02 00 A

  • Hitachi Web Server 02 02

  • Hitachi Web Server 02 04 B

  • Hitachi Web Server 02 06 A

  • Hitachi Web Server 03 00

  • Hitachi Web Server 03 00 01


References

VUPEN - ADV-2007-3666

CONFIRM - http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html

SECUNIA - 27421

OSVDB - 42027

BID - 26271


Last Updated: 27 May 2016 10:46:17