CVE-2007-2904

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Messaging Server
Vendor: CVE Published:; 30 May 2007

Summary

Cross-site scripting (XSS) vulnerability in Sun Java System Messaging Server 6.0 through 6.3, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly a related issue to CVE-2006-5653.

References

http://www.securitytracker.com/id?1018106

vdb-entryx_refsource_SECTRACK

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://osvdb.org/38146

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
May 30, 2007
Vulnerability Reserved
May 29, 2007