Lucene search
K

179 matches found

Cvelist
Cvelist
added 2010/10/13 11:0 p.m.33 views

CVE-2010-3514

Unspecified vulnerability in the Oracle iPlanet Web Server Sun Java System Web Server component in Oracle Sun Products Suite 6.1 and 7.0 allows remote attackers to affect integrity via unknown vectors related to Web Container...

5.6AI score0.04485EPSS
Exploits0References2
seebug.org
seebug.org
added 2010/05/20 12:0 a.m.31 views

IBM WebSphere应用服务器Web容器GET请求远程拒绝服务漏洞

CVE ID: CVE-2010-0776 IBM Websphere应用服务器以Java和Servlet引擎为基础,支持多种HTTP服务,可帮助用户完成从开发、发布到维护交互式的动态网站的所有工作。 WebSphere应用服务器的Web容器在调用response.sendRedirect期间没有正确地处理分块传输编码,远程攻击者可以通过提交恶意的GET请求导致拒绝服务。 IBM Websphere Application Server 7.0 IBM Websphere Application Server 6.1 IBM Websphere Application Server 6....

5CVSS6.4AI score0.01617EPSS
Exploits1
seebug.org
seebug.org
added 2010/05/20 12:0 a.m.36 views

IBM WebSphere应用服务器Web容器远程信息泄露漏洞

CVE ID: CVE-2010-0777 IBM Websphere应用服务器以Java和Servlet引擎为基础,支持多种HTTP服务,可帮助用户完成从开发、发布到维护交互式的动态网站的所有工作。 WebSphere应用服务器的Web容器在处理长度大于20个字符的超长文件名时可能会在响应中发送错误的文件,远程攻击者可以通过读取检索到的文件获取敏感信息。 IBM Websphere Application Server 7.0 IBM Websphere Application Server 6.1 IBM Websphere Application Server 6.0 厂商补丁:...

2.6CVSS6.4AI score0.01881EPSS
Exploits1
Prion
Prion
added 2010/05/17 10:30 p.m.21 views

Design/Logic Flaw

The Web Container in IBM WebSphere Application Server WAS 6.0 before 6.0.2.43, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 does not properly handle long filenames and consequently sends an incorrect file in some responses, which allows remote attackers to obtain sensitive information by reading...

2.6CVSS6.3AI score0.01881EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2010/05/17 10:0 p.m.32 views

CVE-2010-0777

The Web Container in IBM WebSphere Application Server WAS 6.0 before 6.0.2.43, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 does not properly handle long filenames and consequently sends an incorrect file in some responses, which allows remote attackers to obtain sensitive information by reading...

5.8AI score0.01881EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2010/04/06 12:0 a.m.48 views

IBM WebSphere Application Server 6.1 < 6.1.0.31 Multiple Vulnerabilities

IBM WebSphere Application Server 6.1 before Fix Pack 31 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities : - It is possible for Administrator role members to modify primary administrative id via the administrative console. PK88606 - An...

5CVSS5.3AI score0.01881EPSS
Exploits7References15
Tenable Nessus
Tenable Nessus
added 2010/04/05 12:0 a.m.32 views

IBM WebSphere Application Server 6.1 < 6.1.0.7 Multiple Vulnerabilities

IBM WebSphere Application Server 6.1 before Fix Pack 7 appears to be running on the remote host. As such, it is reportedly affected by the following vulnerabilities : - An unspecified denial of service vulnerability in the Java Message Service JMS. - An unspecified vulnerability in the Servlet...

10CVSS5.6AI score0.02853EPSS
Exploits0References5
NVD
NVD
added 2009/08/13 6:30 p.m.21 views

CVE-2009-2088

The Servlet Engine/Web Container component in IBM WebSphere Application Server WAS 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5, when SPNEGO Single Sign-on SSO and disableSecurityPreInvokeOnFilters are configured, allows remote attackers to bypass authentication via a request for a "secure URL,"...

7.5CVSS6.7AI score0.02352EPSS
Exploits0References5
Prion
Prion
added 2009/03/16 7:30 p.m.15 views

Code injection

The Servlet Engine/Web Container and JSP components in IBM WebSphere Application Server WAS 5.1.0, 5.1.1.19, 6.0.2 before 6.0.2.35, 6.1 before 6.1.0.23, and 7.0 before 7.0.0.3 allow remote attackers to read arbitrary files contained in war files in 1 web-inf, 2 meta-inf, and unspecified other...

7.5CVSS7.2AI score0.02915EPSS
Exploits0References12Affected Software1
NVD
NVD
added 2009/02/17 5:30 p.m.18 views

CVE-2008-4285

Unspecified vulnerability in the Performance Monitoring Infrastructure PMI feature in the Servlet Engine/Web Container component in IBM WebSphere Application Server WAS 6.1.x before 6.1.0.19, when a component statistic is enabled, allows attackers to cause a denial of service daemon crash via...

5CVSS6.2AI score0.01157EPSS
Exploits0References3
CVE
CVE
added 2009/02/17 5:0 p.m.48 views

CVE-2008-4285

CVE-2008-4285 affects IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.19, specifically the Servlet Engine/Web Container PMI feature. When a component statistic is enabled, it allows a denial of service (daemon crash) via vectors described as a gradual degradation in performance. No expl...

5CVSS6.3AI score0.01157EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2008/09/16 11:0 p.m.22 views

Design/Logic Flaw

Unspecified vulnerability in Servlet Engine/Web Container in IBM WebSphere Application Server WAS 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when the FileServing feature is enabled, has unknown impact and attack vectors...

9.3CVSS6.6AI score0.02258EPSS
Exploits0References10Affected Software1
Prion
Prion
added 2008/05/22 1:9 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.5AI score0.01223EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2007/11/14 1:46 a.m.35 views

CVE-2007-5944

Cross-site scripting XSS vulnerability in Servlet Engine / Web Container in IBM WebSphere Application Server WAS 5.1.1.4 through 5.1.1.16 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. NOTE: this might be the same issue as CVE-2006-3918, but there are...

4.3CVSS5.3AI score0.01786EPSS
Exploits0References7
CVE
CVE
added 2007/11/14 1:0 a.m.68 views

CVE-2007-5944

Technical details about CVE-2007-5944 are not publicly available in the provided connected documents; no affected products, versions, vectors, or fixes are specified here. Monitor for updates.

4.3CVSS5.4AI score0.01786EPSS
Exploits0References7Affected Software1
Prion
Prion
added 2007/04/11 1:19 a.m.18 views

Code injection

Unspecified vulnerability in the Servlet Engine/Web Container in IBM WebSphere Application Server WAS before 6.1.0.7 has unknown impact and attack vectors...

7.5CVSS6.9AI score0.01377EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2006/12/19 8:28 p.m.21 views

CVE-2006-6637

The Servlet Engine and Web Container in IBM WebSphere Application Server WAS before 6.0.2.17, when ibm-web-ext.xmi sets fileServingEnabled to true and servlet caching is enabled, allows remote attackers to obtain JSP source code and other sensitive information via "specific requests."...

5CVSS6.3AI score0.0256EPSS
Exploits0References9
CVE
CVE
added 2006/12/19 8:0 p.m.43 views

CVE-2006-6637

The CVE-2006-6637 entry applies to IBM WebSphere Application Server (WAS) 6.0.x prior to 6.0.2.17, where enabling fileServingEnabled via ibm-web-ext.xmi and enabling servlet caching allows remote attackers to obtain JSP source code and other sensitive information through specific requests. Connec...

5CVSS6.3AI score0.0256EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2005/12/31 5:0 a.m.17 views

CVE-2005-4834

IBM WebSphere Application Server WAS 5.0.2.5 through 5.1.1.3 allows remote attackers to obtain JSP source code and other sensitive information, related to incorrect request processing by the web container...

5CVSS6.6AI score0.01454EPSS
Exploits0References6
Rows per page
Query Builder