142 matches found
CVE-2008-2221
Technical details about CVE-2008-2221 are not publicly available in the provided documents; no product/version specifics or exploit information are present. Monitor for updates.
CVE-2008-2221
Unspecified vulnerability in the Java plugin in IBM WebSphere Application Server 5.0.2 allows untrusted applets to gain privileges via unknown attack vectors...
CVE-2008-1040
The CVE-2008-1040 issue affects Fujitsu Interstage products: Interstage Application Server (versions 8.0.0–8.0.3 and 9.0.0), Interstage Studio (8.0.1 and 9.0.0), and Interstage Apworks 8.0.0. It is a buffer overflow in the Single Sign-On function caused by improper URI handling, which enables a r...
CVE-2007-5526
Technical details about CVE-2007-5526 are not publicly provided in the supplied documents; no affected product/version or impact specifics are stated. Monitor for updates.
CVE-2007-3553
CVE-2007-3553 is an XSS in Oracle Application Server 11i's Rapid Install Web Server. The vulnerability allows remote attackers to inject arbitrary script/HTML via a URL to the Secondary Login Page (demonstrated with pls/ and pls/MSBEP004/). Connected Nessus content explicitly references this CVE ...
CVE-2007-3264
CVE-2007-3264 affects the PD tools component of IBM WebSphere Application Server (WAS) up to version 6.1.0.7 and earlier. The vulnerability is unspecified with unknown impact and attack vectors, per the NVD entry. The CVSS metrics indicate a high severity (base score 10.0) with a network attack v...
CVE-2006-7198
IBM WebSphere Application Server (WAS) versions affected: WAS before 5.1.1.14 and WAS for z/OS 601 before 6.0.2.13, tied to CVE-2006-7198. The connected documents describe an unspecified vulnerability with unknown impact and attack vectors, associated with a "Potential security exposure" PK26123....
CVE-2007-1608
CRLF injection vulnerability in IBM WebSphere Application Server WAS before 6.0.2.19 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a single CRLF sequence in a context that is not a valid multi-line header...
CVE-2006-6853
Buffer overflow in Durian Web Application Server 3.02 freeware on Windows allows remote attackers to execute arbitrary code via a long string in a crafted packet to TCP port 4002...
CVE-2006-6853
Buffer overflow in Durian Web Application Server 3.02 freeware on Windows allows remote attackers to execute arbitrary code via a long string in a crafted packet to TCP port 4002...
Solaris 10 (x86) : 119167-43 (deprecated)
Sun Java System App Server Enterprise Ed 8.1 2005Q1, x86 Patch32. Date this patch was last updated by Sun : Oct/18/11 This plugin has been deprecated and either replaced with individual 119167 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security,...
Solaris 9 (sparc) : 119166-43
Sun Java System App Server Enterprise Ed 8.1 2005Q1, Solaris Patch. Date this patch was last updated by Sun : Oct/18/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...
Solaris 8 (sparc) : 119166-43
Sun Java System App Server Enterprise Ed 8.1 2005Q1, Solaris Patch. Date this patch was last updated by Sun : Oct/18/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...
Solaris 9 (x86) : 119167-43
Sun Java System App Server Enterprise Ed 8.1 2005Q1, x86 Patch32. Date this patch was last updated by Sun : Oct/18/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...
CVE-2006-5324
The CVE-2006-5324 affects IBM WebSphere Application Server’s Web Services Notification (WSN) component prior to version 6.1.0.2. The vulnerability allows an unauthenticated attacker to obtain unspecified access without providing a username and password (PK28374). The issue is network-accessible w...
CVE-2006-4222
CVE-2006-4222 affects IBM WebSphere Application Server prior to 6.0.2.13. The NVD entry notes multiple unspecified vulnerabilities with unspecified vectors and impact, including an “authority problem” in ThreadIdentitySupport (PK25199) and “Potential security exposure” issues (PK22747, PK24334, P...
CVE-2006-3225
Cross-site scripting XSS vulnerability in Sun ONE Application Server 7 before Update 9, Java System Application Server 7 2004Q2 before Update 5, and Java System Application Server Enterprise Edition 8.1 2005 Q1 allows remote attackers to inject arbitrary HTML or web script via unknown vectors...
CVE-2006-2342
CVE-2006-2342 affects IBM WebSphere Application Server 6.0.2 before FixPack 3, allowing remote attackers to bypass authentication for the Welcome Page by requesting the default context root. The NVD entry lists a CVSS v2 base score of 7.5 (HIGH) with network access, low attack complexity, and no ...
IBM WebSphere Widespread configuration JSP disclosure
IBM WebSphere Widespread configuration JSP disclosure Release Date: 04/13/2005 Severity: High Systems Affected IBM WebSphere Application 6 and prior. Description The practice of sharing the document root of the app server within the document root of the web server creates a security exposure that...
CVE-2005-0742
Cross-site scripting XSS vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...