Java System Application Server
CVEs (32)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-2501 | 0.00 | — | 0.03 | May 20, 2006 | Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 and earlier, Java System Web Server 6.1 SP4 and earlier, Sun ONE Application Server 7 Platform and Standard Edition Update 6 and earlier, and Java System Application Server 7 2004Q2 Standard and Enterprise… | |||
| CVE-2005-4804 | 0.00 | — | 0.02 | Dec 31, 2005 | Unspecified vulnerability in Sun Java System Application Server Platform Edition and Enterprise Edition 8.1 2005 Q1, and Platform Edition UR1, allows remote attackers to read .jar files via unknown vectors related to deployed web applications. | |||
| CVE-2005-4805 | 0.00 | — | 0.02 | Dec 31, 2005 | Unspecified vulnerability in Sun Java System Application Server 7 Standard and Platform Edition 6 and earlier, and 2004Q2 Standard and Platform Edition Update 2 and earlier, allows remote attackers to obtain the source code for Java Server pages (JSP) via unknown vectors. | |||
| CVE-2005-4046 | 0.00 | — | 0.02 | Dec 7, 2005 | Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java System Application Server Standard Edition 7 2004Q2, Application Server Enterprise Edition 8.1 2005Q1, and Sun ONE Application Server 7 Standard Edition, as used in multiple web servers, allows remote attackers… | |||
| CVE-2005-1889 | 0.00 | — | 0.01 | Jun 7, 2005 | Unknown vulnerability in Sun ONE Application Server 6.5 SP1 Maintenance Update 6 and earlier allows attackers to read files. | |||
| CVE-2005-0742 | 0.00 | — | 0.02 | May 2, 2005 | Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||
| CVE-2004-2216 | 0.00 | — | 0.02 | Dec 31, 2004 | Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate. | |||
| CVE-2004-1815 | 0.00 | — | 0.02 | Mar 15, 2004 | Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption). | |||
| CVE-2004-1816 | 0.00 | — | 0.03 | Mar 15, 2004 | Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption). | |||
| CVE-2003-0414 | 0.00 | — | 0.00 | Jun 30, 2003 | The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile. | |||
| CVE-2003-0412 | 0.00 | — | 0.02 | Jun 30, 2003 | Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious activities. | |||
| CVE-2002-0387 | 0.00 | — | 0.03 | Mar 18, 2003 | Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL. |
- CVE-2006-2501May 20, 2006risk 0.00cvss —epss 0.03
Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 and earlier, Java System Web Server 6.1 SP4 and earlier, Sun ONE Application Server 7 Platform and Standard Edition Update 6 and earlier, and Java System Application Server 7 2004Q2 Standard and Enterprise…
- CVE-2005-4804Dec 31, 2005risk 0.00cvss —epss 0.02
Unspecified vulnerability in Sun Java System Application Server Platform Edition and Enterprise Edition 8.1 2005 Q1, and Platform Edition UR1, allows remote attackers to read .jar files via unknown vectors related to deployed web applications.
- CVE-2005-4805Dec 31, 2005risk 0.00cvss —epss 0.02
Unspecified vulnerability in Sun Java System Application Server 7 Standard and Platform Edition 6 and earlier, and 2004Q2 Standard and Platform Edition Update 2 and earlier, allows remote attackers to obtain the source code for Java Server pages (JSP) via unknown vectors.
- CVE-2005-4046Dec 7, 2005risk 0.00cvss —epss 0.02
Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java System Application Server Standard Edition 7 2004Q2, Application Server Enterprise Edition 8.1 2005Q1, and Sun ONE Application Server 7 Standard Edition, as used in multiple web servers, allows remote attackers…
- CVE-2005-1889Jun 7, 2005risk 0.00cvss —epss 0.01
Unknown vulnerability in Sun ONE Application Server 6.5 SP1 Maintenance Update 6 and earlier allows attackers to read files.
- CVE-2005-0742May 2, 2005risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
- CVE-2004-2216Dec 31, 2004risk 0.00cvss —epss 0.02
Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate.
- CVE-2004-1815Mar 15, 2004risk 0.00cvss —epss 0.02
Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).
- CVE-2004-1816Mar 15, 2004risk 0.00cvss —epss 0.03
Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).
- CVE-2003-0414Jun 30, 2003risk 0.00cvss —epss 0.00
The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile.
- CVE-2003-0412Jun 30, 2003risk 0.00cvss —epss 0.02
Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious activities.
- CVE-2002-0387Mar 18, 2003risk 0.00cvss —epss 0.03
Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL.
Page 2 of 2