12 matches found
EUVD-2019-1110
Malware in sbrugna...
CVE-2019-0337
Java Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs and allows an attacker to execute malicious scripts in the url thereby resulting in Reflected Cross-Site Scripting XSS vulnerability...
CVE-2019-0337
Java Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs and allows an attacker to execute malicious scripts in the url thereby resulting in Reflected Cross-Site Scripting XSS vulnerability...
Cross site scripting
Java Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs and allows an attacker to execute malicious scripts in the url thereby resulting in Reflected Cross-Site Scripting XSS vulnerability...
CVE-2019-0337
Java Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs and allows an attacker to execute malicious scripts in the url thereby resulting in Reflected Cross-Site Scripting XSS vulnerability...
OpenJDK: exposure of server authentication credentials to proxy (Networking, 8160838)
A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication...
CVE-2016-2387
Multiple cross-site scripting XSS vulnerabilities in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via the 1 ns or 2 interface parameter to ProxyServer/register, aka SAP Security Note 2220571...
CVE-2016-2387
Multiple cross-site scripting XSS vulnerabilities in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via the 1 ns or 2 interface parameter to ProxyServer/register, aka SAP Security Note 2220571...
OpenJDK Proxy mechanism information leaks (6801071)
The proxy mechanism implementation in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted 1 applets and 2 Java Web Start applications, which allows remote attackers to hijack web sessions...
[SA14901] Sun Java System Web Proxy Server Unspecified Buffer Overflow
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: Sun Java System Web Proxy Server Unspecified Buffer...
Manage authentication for NTLM proxies
We want to access RRS content internally, but we are using a secured proxy requiring authentication via NTLM or user/password. We setted up the standard Java proxies properties: http.proxyHost, http.proxyPort and http.auth.ntlm.domain. But it seams that the http.auth.ntlm.domain properties does n...
Manage authentication for NTLM proxies
We want to access RRS content internally, but we are using a secured proxy requiring authentication via NTLM or user/password. We setted up the standard Java proxies properties: http.proxyHost, http.proxyPort and http.auth.ntlm.domain. But it seams that the http.auth.ntlm.domain properties does n...