CVE-2010-0770

IBM WebSphere Application Server WAS 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 allows remote authenticated users to cause a denial of service ORB ListenerThread hang by aborting an SSL handshake...

CVE-2010-0770

IBM WebSphere Application Server (WAS) is affected by CVE-2010-0770. A remote authenticated user can cause a denial-of-service by aborting an SSL handshake, leading to an ORB ListenerThread hang. Affected versions are WAS 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9. Remediati...

CVE-2010-0769

IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 do not properly define wsadmin scripting J2CConnectionFactory objects, which allows local users to read a KeyRingPassword password from a cleartext field in resources.xml. This is a local infor...

IBM WebSphere Application Server (Traditional and Liberty) Detection (HTTP)

HTTP based detection of an IBM WebSphere Application Server Traditional and Liberty. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

IBM WebSphere Application Server multiple vulnerabilities

IBM WebSphere Application Server WAS is prone to multiple vulnerabilities. 1. A cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...

IBM WebSphere Application Server Multiple Vulnerabilities (swg27004980)

IBM WebSphere Application Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle Application Server 9i Webcache File Corruption (CVE-2005-1382)

Oracle Application Server Web Cache is a Web portal acceleration software provided by Oracle. It can cache both static and dynamic content and improve scalability and availability of Oracle applications accessed through HTTP. There exists a vulnerability in the way the Oracle Application Server...

CVE-2010-1182

Multiple unspecified vulnerabilities in the administrative console in IBM WebSphere Application Server WAS 7.0.x before 7.0.0.9 on z/OS have unknown impact and attack vectors...

CVE-2010-1182

Multiple unspecified vulnerabilities in the administrative console in IBM WebSphere Application Server WAS 7.0.x before 7.0.0.9 on z/OS have unknown impact and attack vectors...

CVE-2010-1182

Technical details about CVE-2010-1182 are not provided in the supplied documents; they mention the vulnerability generically for IBM WebSphere Application Server 7.0.x on z/OS and reference a fix in 7.0.0.9, but no specifics.

Interchange Detection

This host is running Interchange, an open source ecommerce system and application server/component application, written in the Perl programming language. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Microsoft Internet Explorer 'iepeers.dll' Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Meetin...

Macromedia JRun 4 mod_jrun Buffer Overflow (CVE-2004-0646)

Macromedia JRun is an application server used to deploy J2EE Java 2 Enterprise Edition applications, JSPs Java Server Pages, and other Java applications. It can be used as a stand-alone web server or can be accessed through other web servers including Apache. Apache can communicate with the JRun...

IBM WebSphere Application Server 6.0 < 6.0.2.39 Multiple Vulnerabilities

IBM WebSphere Application Server 6.0 before Fix Pack 39 for 6.0.2 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities : - A cross-site request forgery vulnerability exists due to insufficient validation of user-supplied input by the...

Microsoft Windows Client/Server Run-time Subsystem Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability in the Client/Server Run-time Subsystem CSRSS. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Successful exploits may result in the complete compromise of affected...

Microsoft Windows Double Free Memory Corruption Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed explo...

Microsoft Windows SMB Client Pool Corruption Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause denial-of-service conditions. Technologies Affected Avaya Meeting Exchange - Client...

CVE-2010-0563

The CVE-2010-0563 entry concerns IBM WebSphere Application Server (WAS) 7.0.0.0–7.0.0.8 where the Requires SSL configuration option is not recognized by SSO, permitting exposure of sensitive data via sniffed network sessions that were expected to be encrypted. Documents specify the affected produ...

IBM WebSphere应用服务器Requires SSL选项绕过安全限制漏洞

BUGTRAQ ID: 38122 IBM Websphere应用服务器以Java和Servlet引擎为基础，支持多种HTTP服务，可帮助用户完成从开发、发布到维护交互式的动态网站的所有工作。 Websphere应用服务器在处理配置数据时存在错误，可能导致无法检测和应用单次登录的Requires SSL选项，远程用户可以绕过限制获得非授权访问。 IBM Websphere Application Server 7.0.0.0 - 7.0.0.8 厂商补丁： IBM --- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Sun Java System Application Server Cross Site Tracing Vulnerability

This host has Sun Java System Application Server running which is prone to Cross Site Tracing vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavaappservxstvuln.nasl 5373 2017-02-20 16:27:48Z teissa $ Sun Java System Application Server Cross Site Tracing Vulnerability Authors: Veerendra G...