CVE-2007-3503 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-3503
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-3503

Description: The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML documentation pages that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/35168 SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102958-1 ST 1018327 SAID Secunia Advisory: SA25769 Secunia Advisory: SA27203 Secunia Advisory: SA26645 Secunia Advisory: SA28115 Secunia Advisory: SA26933 Secunia Advisory: SA26631 Secunia Advisory: SA26369 Secunia Advisory: SA26314 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0956.html http://www.redhat.com/support/errata/RHSA-2007-0829.html http://www.redhat.com/support/errata/RHSA-2007-0818.html MISC http://docs.info.apple.com/article.html?artnum=307177 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml BID 24690 BEA http://dev2dev.bea.com/pub/advisory/248 APPLE http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html

Return to the previous page.