CVE-2007-3503

Published: Jun 30, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML documentation pages that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

RHSA-2007:0818

vendor-advisory

x_refsource_REDHAT

oval:org.mitre.oval:def:10704

vdb-entry

signature

x_refsource_OVAL

26933

third-party-advisory

x_refsource_SECUNIA

http://docs.info.apple.com/article.html?artnum=307177

x_refsource_MISC

36488

vdb-entry

x_refsource_OSVDB

26314

third-party-advisory

x_refsource_SECUNIA

BEA07-177.00

vendor-advisory

x_refsource_BEA

sun-jdk-javadoc-xss(35168)

vdb-entry

x_refsource_XF

25769

third-party-advisory

x_refsource_SECUNIA

26369

third-party-advisory

x_refsource_SECUNIA

102958

vendor-advisory

x_refsource_SUNALERT

APPLE-SA-2007-12-14

vendor-advisory

x_refsource_APPLE

RHSA-2007:0956

vendor-advisory

x_refsource_REDHAT

26645

third-party-advisory

x_refsource_SECUNIA

ADV-2007-4224

vdb-entry

x_refsource_VUPEN

ADV-2007-3009

vdb-entry

x_refsource_VUPEN

GLSA-200709-15

vendor-advisory

x_refsource_GENTOO

28115

third-party-advisory

x_refsource_SECUNIA

ADV-2007-2383

vdb-entry

x_refsource_VUPEN

27203

third-party-advisory

x_refsource_SECUNIA

1018327

vdb-entry

x_refsource_SECTRACK

RHSA-2007:0829

vendor-advisory

x_refsource_REDHAT

24690

vdb-entry

x_refsource_BID

26631

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-3503

Description

Affected Products

References