CVE-2008-5438

Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors...

CVE-2008-2623

Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors...

CVE-2008-4017

Unspecified vulnerability in the OC4J component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the OC4J component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality via unknown vectors...

CVE-2008-5438

Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors...

CVE-2008-2623

CVE-2008-2623 affects the Oracle Application Server 10.1.2.3 JDeveloper component. The vulnerability is described as unspecified and affects confidentiality via unknown vectors, with local access as the attack vector and a low impact (C/P I/N/A). The provided sources identify the affected product...

CVE-2008-4014

Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Application Server allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

CVE-2008-5438

Technical details about CVE-2008-5438 are not provided in the connected documents; the initial entry only notes an unspecified vulnerability in the Oracle Portal component of Oracle Application Server 10.1.2.3/10.1.4.2. Monitor for updates.

CVE-2008-4017

Unspecified vulnerability in the OC4J component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality via unknown vectors...

CVE-2008-2623

Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors...

Microsoft Windows SMB NT Trans2 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that occurs in the SMB Server Message Block protocol implementation. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will facilitate in the complete...

Fwd: TmaxSoft JEUS Alternate Data Streams Vulnerability

Dear bugtraq, Thanks for your concern. I saw BID 32804. It is one incorrect information. Tmax Soft JEUS 5 Fix26 is not vulnerable. The vendor informs that users upgrade to this versionFix 26. Please change this information. Sincerely, Simon ---------- Forwarded message ---------- From: Simon Ryeo...

TmaxSoft JEUS - Alternate Data Streams File Disclosure

TmaxSoft JEUS - Alternate Data Streams File Disclosure Title: TmaxSoft JEUS Alternate Data Streams Vulnerability Author: Simon Ryeobar4mi at gmail Severity: High Impact: Remote File Disclosure Vulnerable Version: JEUS 5: Fix26 on NTFS References: -...

TmaxSoft JEUS - Alternate Data Streams File Disclosure

Title: TmaxSoft JEUS Alternate Data Streams Vulnerability Author: Simon Ryeobar4mi at gmail Severity: High Impact: Remote File Disclosure Vulnerable Version: JEUS 5: Fix26 on NTFS References: - http://www.microsoft.com/technet/security/bulletin/ms98-003.mspx - http://www.tmaxsoft.com -...

TmaxSoft JEUS Alternate Data Streams Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: TmaxSoft JEUS Alternate Data Streams Vulnerability Author: Simon Ryeobar4mi at gmail Severity: High Impact: Remote File Disclosure Vulnerable Version: JEUS 5: Fix26 on NTFS References: -...

TmaxSoft JEUS Alternate Data Streams File Disclosure Vulnerability

Exploit for unknown platform in category remote exploits ================================================================== TmaxSoft JEUS Alternate Data Streams File Disclosure Vulnerability ================================================================== Title: TmaxSoft JEUS Alternate Data...

Security feature bypass

Unspecified vulnerability in the Feature Pack for Web Services in the Web Services Security component in IBM WebSphere Application Server WAS 7 before 7.0.0.1 has unknown impact and attack vectors related to "userNameToken."...

Information disclosure

IBM WebSphere Application Server WAS 7 before 7.0.0.1 sends SSL traffic over "unsecured TCP," which makes it easier for remote attackers to obtain sensitive information by sniffing the network...

CVE-2008-5412

Unspecified vulnerability in IBM WebSphere Application Server WAS 7 before 7.0.0.1 on Windows has unknown impact and attack vectors related to JSPs. NOTE: this is probably a duplicate of CVE-2009-0438...

IBM WebSphere Application Server 7.0 < Fix Pack 1

IBM WebSphere Application Server 7.0 before Fix Pack 1 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities. - The PerfServlet code writes sensitive information in the 'systemout.log' and ffdc files, provided Performance Monitoring Infrastructur...