Lucene search
MitreCVE-2007-6572HistoryDec 28, 2007 - 9:46 p.m.
CVE-2007-6572
2007-12-2821:46:00
CWE-79
mitre
web.nvd.nist.gov
24
4
cve-2007-6572
cross-site scripting
xss
sun java system web server
vulnerability
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.013
Percentile
86.0%
Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204.
Affected configurations
Node
sunjava_system_web_proxy_serverMatch3.6
ORsunjava_system_web_proxy_serverMatch3.6sp1
ORsunjava_system_web_proxy_serverMatch3.6sp10
ORsunjava_system_web_proxy_serverMatch3.6sp2
ORsunjava_system_web_proxy_serverMatch3.6sp3
ORsunjava_system_web_proxy_serverMatch3.6sp4
ORsunjava_system_web_proxy_serverMatch3.6sp5
ORsunjava_system_web_proxy_serverMatch3.6sp6
ORsunjava_system_web_proxy_serverMatch3.6sp7
ORsunjava_system_web_proxy_serverMatch3.6sp8
ORsunjava_system_web_proxy_serverMatch3.6sp9
ORsunjava_system_web_proxy_serverMatch4.0
ORsunjava_system_web_proxy_serverMatch4.0sp1
ORsunjava_system_web_proxy_serverMatch4.0.2
ORsunjava_system_web_proxy_serverMatch4.0.3
ORsunjava_system_web_proxy_serverMatch4.0.4
ORsunjava_system_web_proxy_serverMatch4.0.5
ORsunjava_system_web_serverMatch6.0
ORsunjava_system_web_serverMatch6.0sp1
ORsunjava_system_web_serverMatch6.0sp10
ORsunjava_system_web_serverMatch6.0sp2
ORsunjava_system_web_serverMatch6.0sp3
ORsunjava_system_web_serverMatch6.0sp4
ORsunjava_system_web_serverMatch6.0sp5
ORsunjava_system_web_serverMatch6.0sp6
ORsunjava_system_web_serverMatch6.0sp7
ORsunjava_system_web_serverMatch6.0sp8
ORsunjava_system_web_serverMatch6.0sp9
ORsunjava_system_web_serverMatch6.1
ORsunjava_system_web_serverMatch6.1sp1
ORsunjava_system_web_serverMatch6.1sp2
ORsunjava_system_web_serverMatch6.1sp3
ORsunjava_system_web_serverMatch6.1sp4
ORsunjava_system_web_serverMatch6.1sp5
ORsunjava_system_web_serverMatch6.1sp6
ORsunjava_system_web_serverMatch6.1sp7
ORsunjava_system_web_serverMatch7.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sun | java_system_web_proxy_server | 3.6 | cpe:2.3:a:sun:java_system_web_proxy_server:3.6:*:*:*:*:*:*:* |
| sun | java_system_web_proxy_server | 3.6 | cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp1:*:*:*:*:*:* |
| sun | java_system_web_proxy_server | 3.6 | cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp10:*:*:*:*:*:* |
| sun | java_system_web_proxy_server | 3.6 | cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp2:*:*:*:*:*:* |
| sun | java_system_web_proxy_server | 3.6 | cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp3:*:*:*:*:*:* |
| sun | java_system_web_proxy_server | 3.6 | cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp4:*:*:*:*:*:* |
| sun | java_system_web_proxy_server | 3.6 | cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp5:*:*:*:*:*:* |
| sun | java_system_web_proxy_server | 3.6 | cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp6:*:*:*:*:*:* |
| sun | java_system_web_proxy_server | 3.6 | cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp7:*:*:*:*:*:* |
| sun | java_system_web_proxy_server | 3.6 | cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp8:*:*:*:*:*:* |
References
Social References
More
Related
cvelist
cvelist
CVE-2007-6572
2007-12-28 21:00:00
nvd
nvd
CVE-2007-6572
2007-12-28 21:46:00
prion
prion
Cross site scripting
2007-12-28 21:46:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.013
Percentile
86.0%
Related for CVE-2007-6572