CVE-2007-2904

Published: May 30, 2007Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in Sun Java System Messaging Server 6.0 through 6.3, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly a related issue to CVE-2006-5653.

Affected (4)

Products: Sun: Java System Messaging Server

Sun

1 product

Java System Messaging Server

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Sun Java System Messaging Server	Version 6.0
Sun Java System Messaging Server	Version 6.1
Sun Java System Messaging Server	Version 6.2
Sun Java System Messaging Server	Version 6.3

References (6)

http://osvdb.org/38146

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102909-1

Source: cve@mitre.org

PatchVendor Advisory

http://www.securitytracker.com/id?1018106

Source: cve@mitre.org

http://osvdb.org/38146

Source: af854a3a-2127-422b-91ae-364da2661108

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102909-1

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securitytracker.com/id?1018106

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.