NVD

Id
48398  
Name
CVE-2009-1088  
Description
Hannon Hill Cascade Server 5.7 and other versions allows remote authenticated users to execute arbitrary programs or Java code via a crafted XSLT stylesheet with "extension elements and extension functions" that trigger code execution by Xalan-Java, as demonstrated using xalan://java.lang.Runtime.  
Reject
 
CVSS Version
2  
CVSS Score
9  
Severity
High  
CVSS Base Score
9  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2009-03-25  
Modified Date
2009-10-05  
Seq
2009-1088  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
243391 48398 CVE-2009-1088 8247  View
243392 48398 CVE-2009-1088 20090319 Command Execution in Hannon Hill Cascade Server  View
243393 48398 CVE-2009-1088 34186  View
243394 48398 CVE-2009-1088 cascadeserver-xlst-command-execution(49332)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
43537 JVNDB-2009-004544 Hannon Hill の Cascade Server における任意のプログラムを実行される脆弱性 Hannon Hill の Cascade Server には、任意のプログラムまたは Java コードを実行される脆弱性が存在します。 CVE-2009-1088 38519 CVE-2009-1088 48398 9 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-004544.html 2009-03-25 2012-09-25 View