CVE-2007-4760

Description

The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503.

Affected products

• Hitachi / ucosminexus_application_server_enterprise07_00 – 07_00
• Hitachi / ucosminexus_application_server_enterprise07_00 – 07_00
• Hitachi / ucosminexus_application_server_enterprise07_00 – 07_00
• Hitachi / ucosminexus_application_server_enterprise07_00 – 07_00
• Hitachi / ucosminexus_application_server_enterprise07_00 – 07_00
• Hitachi / ucosminexus_application_server_enterprise07_00_01 – 07_00_01
• Hitachi / ucosminexus_application_server_enterprise07_00_01 – 07_00_01
• Hitachi / ucosminexus_application_server_enterprise07_00_01 – 07_00_01
• Hitachi / ucosminexus_application_server_enterprise07_00_02 – 07_00_02
• Hitachi / ucosminexus_application_server_enterprise07_00_03 – 07_00_03
• Hitachi / ucosminexus_application_server_enterprise07_10 – 07_10
• Hitachi / ucosminexus_application_server_enterprise07_10 – 07_10
• Hitachi / ucosminexus_application_server_enterprise07_10 – 07_10
• Hitachi / ucosminexus_application_server_enterprise07_10 – 07_10
• Hitachi / ucosminexus_application_server_enterprise07_10 – 07_10
• Hitachi / ucosminexus_application_server_enterprise07_10 – 07_10
• Hitachi / ucosminexus_application_server_enterprise07_10_01 – 07_10_01
• Hitachi / ucosminexus_application_server_enterprise07_10_01 – 07_10_01
• Hitachi / ucosminexus_application_server_enterprise07_10_01 – 07_10_01
• Hitachi / ucosminexus_application_server_enterprise7_20 – 7_20
• Hitachi / ucosminexus_application_server_enterprise7_20_01 – 7_20_01
• Hitachi / ucosminexus_application_server_standard07_00 – 07_00
• Hitachi / ucosminexus_application_server_standard07_00 – 07_00
• Hitachi / ucosminexus_application_server_standard07_00 – 07_00
• Hitachi / ucosminexus_application_server_standard07_00 – 07_00
• Hitachi / ucosminexus_application_server_standard07_00 – 07_00
• Hitachi / ucosminexus_application_server_standard07_00_01 – 07_00_01
• Hitachi / ucosminexus_application_server_standard07_00_01 – 07_00_01
• Hitachi / ucosminexus_application_server_standard07_00_01 – 07_00_01
• Hitachi / ucosminexus_application_server_standard07_00_01 – 07_00_01
• Hitachi / ucosminexus_application_server_standard07_00_02 – 07_00_02
• Hitachi / ucosminexus_application_server_standard07_00_03 – 07_00_03
• Hitachi / ucosminexus_application_server_standard07_10 – 07_10
• Hitachi / ucosminexus_application_server_standard07_10 – 07_10
• Hitachi / ucosminexus_application_server_standard07_10 – 07_10
• Hitachi / ucosminexus_application_server_standard07_10 – 07_10
• Hitachi / ucosminexus_application_server_standard07_10 – 07_10
• Hitachi / ucosminexus_application_server_standard07_10 – 07_10
• Hitachi / ucosminexus_application_server_standard7_10_01 – 7_10_01
• Hitachi / ucosminexus_application_server_standard7_10_01 – 7_10_01
• Hitachi / ucosminexus_application_server_standard7_10_01 – 7_10_01
• Hitachi / ucosminexus_application_server_standard7_20 – 7_20
• Hitachi / ucosminexus_application_server_standard7_20_01 – 7_20_01
• Hitachi / ucosminexus_developer_standard07_00 – 07_00
• Hitachi / ucosminexus_developer_standard07_00_01 – 07_00_01
• Hitachi / ucosminexus_developer_standard07_00_02 – 07_00_02
• Hitachi / ucosminexus_developer_standard07_00_03 – 07_00_03
• Hitachi / ucosminexus_developer_standard07_10 – 07_10
• Hitachi / ucosminexus_developer_standard07_10_01 – 07_10_01
• Hitachi / ucosminexus_developer_standard07_20 – 07_20
• Hitachi / ucosminexus_developer_standard07_20_01 – 07_20_01
• Hitachi / ucosminexus_developer_standard07_50 – 07_50
• Hitachi / ucosminexus_service_platform07_00 – 07_00
• Hitachi / ucosminexus_service_platform07_00 – 07_00
• Hitachi / ucosminexus_service_platform07_00_01 – 07_00_01
• Hitachi / ucosminexus_service_platform07_00_01 – 07_00_01
• Hitachi / ucosminexus_service_platform07_00_02 – 07_00_02
• Hitachi / ucosminexus_service_platform07_00_03 – 07_00_03
• Hitachi / ucosminexus_service_platform07_10 – 07_10
• Hitachi / ucosminexus_service_platform07_10 – 07_10
• Hitachi / ucosminexus_service_platform07_10 – 07_10
• Hitachi / ucosminexus_service_platform07_10_01 – 07_10_01
• Hitachi / ucosminexus_service_platform07_10_01 – 07_10_01
• Hitachi / ucosminexus_service_platform07_20 – 07_20
• Hitachi / ucosminexus_service_platform7_20_01 – 7_20_01

References

• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2007/3033
• VENDOR_ADVISORYhttp://secunia.com/advisories/26671
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/36393
• MISChttp://www.securityfocus.com/bid/25518
• MISChttp://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html