Arbitrary Code Execution Vulnerability in Sun Java System Portal Server 7.0
CVE-2007-4289

Currently unrated

Key Information:

Vendor

Oracle
Status
Java System Portal Server
Vendor
CVE Published:
9 August 2007

What is CVE-2007-4289?

A vulnerability in Sun Java System Portal Server 7.0 is present due to improper processing of XSLT stylesheets during XML signature transformations. This flaw enables context-dependent attackers to exploit the system and execute arbitrary Java methods by delivering specially crafted XSLT stylesheets. This issue is related to the insufficient validation mechanisms employed within the server, leading to security weaknesses that can be further exploited.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/archive/1/473553/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.isecpartners.com/files/XMLDSIG_Command_Injecti...
x_refsource_MISC
http://secunia.com/advisories/26327
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.