CVE-2007-0514

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2007-0514
Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps.

6.8 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html Patch Vendor Advisory
http://secunia.com/advisories/23843
http://osvdb.org/32997
http://osvdb.org/32998
http://www.vupen.com/english/advisories/2007/0326
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hitachi:cosminexus_application_server:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_server_-_enterprise_edition:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_server_-_standard_edition:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_developer_light:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_developer_standard_version_6:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_developer_version_5:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:*:*:enterprise:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_smart_edition:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server:6:*:enterprise:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_version_5:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:hitachi_web_server:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_developer_standard:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_server_-_web_edition:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_service_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_server_-_web_edition_version_4:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_developer_light_version_6:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_service_architect:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_server_-_standard_edition_version_4:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_developer_professional_version_6:*:*:*:*:*:*:*:*
Information

Published : 2007-01-25 16:28

Updated : 2011-03-07 18:49

NVD link : CVE-2007-0514

Mitre link : CVE-2007-0514

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

hitachi

  • ucosminexus_developer_standard
  • cosminexus_server_-_standard_edition
  • ucosminexus_service_platform
  • cosminexus_server_-_enterprise_edition
  • cosminexus_server_-_web_edition_version_4
  • cosminexus_developer_standard_version_6
  • cosminexus_developer_version_5
  • cosminexus_developer_professional_version_6
  • ucosminexus_application_server_enterprise
  • ucosminexus_developer_light
  • ucosminexus_application_server_standard
  • hitachi_web_server
  • ucosminexus_application_server_smart_edition
  • cosminexus_developer_light_version_6
  • cosminexus_server_-_standard_edition_version_4
  • cosminexus_application_server_version_5
  • cosminexus_server_-_web_edition
  • ucosminexus_service_architect
  • cosminexus_application_server