257 matches found
CVE-2006-5361
Unspecified vulnerability in Oracle Containers for J2EE in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.1, and Oracle Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln OC4J03...
CVE-2006-5364
Technical details for CVE-2006-5364 are not publicly available in the provided documents; monitor for updates from official advisories.
CVE-2006-5356
Technical details for CVE-2006-5356 are not publicly provided in the supplied documents. Monitor for updates from vendors and security advisories.
CVE-2006-5361
Technical details for CVE-2006-5361 are not publicly provided in the supplied documents; monitor for updates.
CVE-2006-5356
Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.1.0, and Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln OC4J02...
CVE-2006-5364
Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 9.0.4.1 and 10.1.2.0.2, and Collaboration Suite 10.1.2, has unknown impact and remote authenticated attack vectors, aka Vuln OC4J05...
Apache Geronimo跨站脚本和HTML注入漏洞
BUGTRAQ ID: 16260 Apache Geronimo是Apache软件基金会的开放源码J2EE服务器。 Apache Geronimo由于没有正确的验证用户输入,导致Geronimo中存在跨站脚本和HTML注入漏洞,远程攻击者可以利用这些漏洞执行任意代码或窃取敏感信息。 Apache Group Geronimo 1.0 Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
sa-caucho.txt
ScanAlert Security Advisory http://www.scanalert.com Caucho Resin Multiple Vulnerabilities - Arbitrary File Access & Information Disclosure Date: 5/16/06 Vendor: Caucho Package: Resin Version: 3.0.17 and 3.0.18 Vendor Confirmed Credit: ScanAlerts Security and Enterprise Services Teams. Risk:...
EPiX™ Search query XSS vuln.
EPiX™ Search query XSS vuln. Vuln. discovered by : r0t Date: 17 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/epix-search-query-xss-vuln.html vendor:http://www.go-epix.net/ affected version:3.1.2 and prior Product Description: EPIX is a low cost portal solution with CMS...
CVE-2005-3449
Multiple unspecified vulnerabilities in Oracle Application Server 9.0 up to 10.1.2.0 have unknown impact and attack vectors, as identified by Oracle Vuln 1 AS02 in Containers for J2EE, 2 AS07 in Internet Directory, 3 AS09 in Report Server, and 4 AS11 in Web Cache...
CVE-2004-2331
Summary of CVE-2004-2331 (ColdFusion MX 6.1 / 6.1 J2EE): Local users could bypass sandbox security and access sensitive information by using Java reflection to reach trusted Java objects without invoking CreateObject or the cfobject tag. The issue affects ColdFusion MX 6.1 and ColdFusion MX 6.1 J...
CVE-2004-0928
The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm"...
CVE-2004-0928
The CVE-2004-0928 family affects Adobe JRun 4.x servers (and ColdFusion MX 6.0/6.1/J2EE) when running with IIS, where a crafted request ending in ";.cfm" can bypass authentication and disclose script/source content (e.g., .asp, .pl, .php). Connected advisories describe URL handling flaws that tri...
Oracle Application Server J2EE Container Detection
Binary data 2831.prm...
J2EE code execution
It's possible to execute external application in SQL request to pointbase database...
J2EE 1.4 reference implementation: database component allows remote code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Illegalaccess.org security advisory i/12-2003 www.illegalaccess.org J2EE 1.4 reference implementation: database component allows remote code execution Brief ===== Product : J2EE reference implementation java.sun.com/j2ee/download.html Component :...
Multiple Server Crafted Request WEB-INF Directory Information Disclosure
By making a specially-formatted request to the remote web server, it is possible to retrieve files located under the 'WEB-INF' directory. Note that this vulnerability is known to affect the Win32 versions of multiple J2EE servlet containers / application servers. %NASLMINLEVEL 70300 This script w...