The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Sun Alert 103015 A Security Vulnerability in Processing XSLT Style Sheets Affects Sun Java System Portal Server Software 7.0

Guest Author
Product: Sun Java System Portal Server 7

Sun Java System Portal Server Software 7.0 may not securely process XSLT style sheets contained in XSLT Transforms in XML Signatures. This may allow malicious XLST style sheets to be executed. For example, an arbitrary Java method could be executed due to this vulnerability.

Sun acknowledges, with thanks, Brad Hill of iSEC Partners, for bringing this issue to our attention.

Avoidance: Patch
State: Resolved
First released: 03-Aug-2007

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.