Sun: >> Java System Application Server >> 9.0 Security Vulnerabilities
Unspecified vulnerability in Sun Java System (SJS) Application Server 8.1 through 9.0 before 20070724 on Windows allows remote attackers to obtain JSP source code via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.007
Published
2007-07-26
Sun Java System Application Server and Web Server 7.0 through 9.0 before 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3716.
CVSS Score
9.3
EPSS Score
0.011
Published
2007-07-11