Java Active Server Pages
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-2404 | 0.01 | — | 0.07 | Jun 4, 2008 | Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field. | |||
| CVE-2008-2406 | 0.00 | — | 0.03 | Jun 4, 2008 | The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102. | |||
| CVE-2008-2405 | 0.00 | — | 0.03 | Jun 4, 2008 | Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications. | |||
| CVE-2008-2401 | 0.00 | — | 0.02 | Jun 4, 2008 | The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to append to arbitrary new or existing files via the first argument to a certain file that is included by multiple unspecified ASP applications. |
- CVE-2008-2404Jun 4, 2008risk 0.01cvss —epss 0.07
Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field.
- CVE-2008-2406Jun 4, 2008risk 0.00cvss —epss 0.03
The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102.
- CVE-2008-2405Jun 4, 2008risk 0.00cvss —epss 0.03
Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications.
- CVE-2008-2401Jun 4, 2008risk 0.00cvss —epss 0.02
The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to append to arbitrary new or existing files via the first argument to a certain file that is included by multiple unspecified ASP applications.