CVE-2007-3503
CVE-2007-3503
The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML documentation pages that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://dev2dev.bea.com/pub/advisory/248http://docs.info.apple.com/article.html?artnum=307177http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.htmlhttp://osvdb.org/36488http://secunia.com/advisories/25769http://secunia.com/advisories/26314http://secunia.com/advisories/26369http://secunia.com/advisories/26631http://secunia.com/advisories/26645http://secunia.com/advisories/26933http://secunia.com/advisories/27203http://secunia.com/advisories/28115