CVE-2009-2744

Unspecified vulnerability in IBM WebSphere Application Server WAS 6.1 before 6.1.0.27 allows remote attackers to cause a denial of service via unknown vectors, related to "an error in fixpacks 6.1.0.23 and 6.1.0.25."...

IBM WebSphere Application Server拒绝服务漏洞

Bugraq ID: 36456 CVE ID：CVE-2009-2744 IBM WebSphere Application Server是一款商业性质的WEB应用服务程序。 IBM WebSphere Application Server存在一个未明安全漏洞，远程攻击者可以利用漏洞对服务程序进行拒绝服务攻击。 目前没有详细漏洞细节提供。 IBM Websphere Application Server 6.1 25 IBM Websphere Application Server 6.1 23 厂商解决方案 用户可联系供应商下载使用最新的Fix Pack 6.1.0.27或之后或AP...

IBM WebSphere Application Server本地信息泄漏漏洞

Bugraq ID: 36458 CVE ID：CVE-2009-2743 IBM WebSphere Application Server是一款商业性质的WEB应用服务程序。 IBM WebSphere Application Server允许本地攻击者获得敏感信息。 在使用wsadmin脚本和配置了JAAS-J2C验证数据后，当部分异常发生时存在一个错误，通过查看FFDC日志文件，攻击者可以获得敏感信息。 IBM Websphere Application Server 6.1 25 IBM Websphere Application Server 6.1 23 IBM...

IBM WebSphere Application Server Eclipse Help跨站脚本漏洞

Bugraq ID: 36455 CVE ID：CVE-2009-2742 IBM WebSphere Application Server是一款商业性质的WEB应用服务程序。 IBM WebSphere Application Server包含的Eclipse Help组件不正确验证用户提供的输入，远程攻击者可以利用漏洞使用特殊构建的URL，诱使用户点击，可在目标用户浏览器上执行任意脚本代码。 目前没有详细漏洞细节提供。 IBM Websphere Application Server 6.1 25 IBM Websphere Application Server 6.1 23 IBM...

Update Protection against Adobe JRun 4 Management Console Cross-Site Scripting Vulnerability (APSB09-12)

A Cross Site Scripting XSS vulnerability has been discovered in Adobe JRun Management Console. JRun is an application server based on Java 2 Platform, Enterprise Edition J2EE. It works with popular Web servers including Apache and IIS. A remote attacker could exploit this issue to execute a...

Orion Application Server Web Examples Multiple XSS

The remote web server uses Orion Application Server, an application server hosted on a Java2 platform. It currently makes available at least one example JSP application that fails to sanitize user-supplied input before using it to generate dynamic HTML output. Specifically, the 'item' parameter o...

Design/Logic Flaw

Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 allow 1 local users to affect confidentiality and integrity via unknown vectors related to the Mobile Application Server component APP01; 2 remote attackers to affect confidentiality via unknown vectors related to the Oracle...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Forms component in Oracle Application Server 10.1.2.2 and E-Business Suite 12.0.3 allows remote attackers to affect integrity via unknown vectors, aka AS04...

CVE-2008-7238

Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 allow 1 local users to affect confidentiality and integrity via unknown vectors related to the Mobile Application Server component APP01; 2 remote attackers to affect confidentiality via unknown vectors related to the Oracle...

CVE-2008-7235

Unspecified vulnerability in the Oracle Forms component in Oracle Application Server 10.1.2.2 and E-Business Suite 12.0.3 allows remote attackers to affect integrity via unknown vectors, aka AS04...

CVE-2008-7237

Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows remote authenticated users to affect confidentiality via unknown vectors, aka AS06...

CVE-2008-7236

Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 and 10.1.3.1 allows remote attackers to affect integrity via unknown vectors, aka AS05...

CVE-2008-7233

Unspecified vulnerability in the E-Business Application client, as used in Oracle Application Server 1.1.8.26 and E-Business Suite 11.5.10.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Oracle Jinitiator component, aka AS02...

Design/Logic Flaw

Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 and 10.1.3.1 allows remote attackers to affect integrity via unknown vectors, aka AS05...

CVE-2008-7238

Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 allow 1 local users to affect confidentiality and integrity via unknown vectors related to the Mobile Application Server component APP01; 2 remote attackers to affect confidentiality via unknown vectors related to the Oracle...

CVE-2008-7235

Unspecified vulnerability in the Oracle Forms component in Oracle Application Server 10.1.2.2 and E-Business Suite 12.0.3 allows remote attackers to affect integrity via unknown vectors, aka AS04...

CVE-2008-7233

Unspecified vulnerability in the E-Business Application client, as used in Oracle Application Server 1.1.8.26 and E-Business Suite 11.5.10.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Oracle Jinitiator component, aka AS02...

CVE-2008-7236

Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 and 10.1.3.1 allows remote attackers to affect integrity via unknown vectors, aka AS05...

CVE-2008-7234

CVE-2008-7234 concerns an unspecified vulnerability in the Oracle BPEL Worklist Application component of Oracle Application Server 10.1.2.2 and 10.1.3.3. The description states that remote attackers can affect confidentiality, integrity, and availability via unknown vectors (aka AS03). The CVSS b...

CVE-2008-7234

Unspecified vulnerability in the Oracle BPEL Worklist Application component in Oracle Application Server 10.1.2.2 and 10.1.3.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, aka AS03...