CVE-2007-0514: XSS
First published: Fri Jan 26 2007(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hitachi Cosminexus Server | ||
| Hitachi Cosminexus Server | =6 | |
| Hitachi Cosminexus Application Server | ||
| Hitachi Cosminexus Developer | ||
| Hitachi uCosminexus Developer Professional | ||
| Hitachi uCosminexus Developer Standard | ||
| Hitachi Cosminexus Developer Version 5 | ||
| Hitachi Cosminexus Server - enterprise edition | ||
| Hitachi Cosminexus Server - Standard Edition | ||
| Hitachi Cosminexus Server - standard edition | ||
| Hitachi Cosminexus Server | ||
| Hitachi Cosminexus Server - Web edition | ||
| Hitachi Web Server | ||
| Hitachi uCosminexus Application Server | ||
| Hitachi uCosminexus Application Server | ||
| Hitachi Cosminexus Application Server | ||
| Hitachi uCosminexus | ||
| Hitachi uCosminexus | ||
| Hitachi uCosminexus Service Architect | ||
| Hitachi ucosminexus service platform |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2007-0514?
CVE-2007-0514 is classified as a high severity vulnerability affecting multiple Hitachi Web Server and Cosminexus products.
How do I fix CVE-2007-0514?
To fix CVE-2007-0514, update your Hitachi Web Server or Cosminexus products to the latest version that addresses this vulnerability.
What types of attacks does CVE-2007-0514 facilitate?
CVE-2007-0514 allows remote attackers to perform cross-site scripting (XSS) attacks via HTTP Expect headers or image maps.
Which products are affected by CVE-2007-0514?
CVE-2007-0514 affects various Hitachi products, including Hitachi Web Server, uCosminexus, and Cosminexus Server across several versions.
Can CVE-2007-0514 be exploited without authentication?
Yes, CVE-2007-0514 can be exploited by remote attackers without authentication, making it particularly dangerous.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/remedy
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/hitachi
- canonical/hitachi cosminexus server
- version/hitachi cosminexus server/6
- canonical/hitachi cosminexus application server
- canonical/hitachi cosminexus developer
- canonical/hitachi ucosminexus developer professional
- canonical/hitachi ucosminexus developer standard
- canonical/hitachi cosminexus developer version 5
- canonical/hitachi cosminexus server - enterprise edition
- canonical/hitachi cosminexus server - standard edition
- canonical/hitachi cosminexus server - web edition
- canonical/hitachi web server
- canonical/hitachi ucosminexus application server
- canonical/hitachi ucosminexus
- canonical/hitachi ucosminexus service architect
- canonical/hitachi ucosminexus service platform