VYPR

Java System Application Server

by Sun Corporation

CVEs (32)

  • CVE-2006-2501May 20, 2006
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 and earlier, Java System Web Server 6.1 SP4 and earlier, Sun ONE Application Server 7 Platform and Standard Edition Update 6 and earlier, and Java System Application Server 7 2004Q2 Standard and Enterprise…

  • CVE-2005-4804Dec 31, 2005
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Sun Java System Application Server Platform Edition and Enterprise Edition 8.1 2005 Q1, and Platform Edition UR1, allows remote attackers to read .jar files via unknown vectors related to deployed web applications.

  • CVE-2005-4805Dec 31, 2005
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Sun Java System Application Server 7 Standard and Platform Edition 6 and earlier, and 2004Q2 Standard and Platform Edition Update 2 and earlier, allows remote attackers to obtain the source code for Java Server pages (JSP) via unknown vectors.

  • CVE-2005-4046Dec 7, 2005
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java System Application Server Standard Edition 7 2004Q2, Application Server Enterprise Edition 8.1 2005Q1, and Sun ONE Application Server 7 Standard Edition, as used in multiple web servers, allows remote attackers…

  • CVE-2005-1889Jun 7, 2005
    risk 0.00cvss epss 0.01

    Unknown vulnerability in Sun ONE Application Server 6.5 SP1 Maintenance Update 6 and earlier allows attackers to read files.

  • CVE-2005-0742May 2, 2005
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

  • CVE-2004-2216Dec 31, 2004
    risk 0.00cvss epss 0.02

    Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate.

  • CVE-2004-1815Mar 15, 2004
    risk 0.00cvss epss 0.02

    Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).

  • CVE-2004-1816Mar 15, 2004
    risk 0.00cvss epss 0.03

    Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).

  • CVE-2003-0414Jun 30, 2003
    risk 0.00cvss epss 0.00

    The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile.

  • CVE-2003-0412Jun 30, 2003
    risk 0.00cvss epss 0.02

    Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious activities.

  • CVE-2002-0387Mar 18, 2003
    risk 0.00cvss epss 0.03

    Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL.

Page 2 of 2