850 matches found
CVE-2009-1081
CVE-2009-1081 affects Sun Java System Identity Manager (IdM) 7.0–8.0. The issue is multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via unspecified vectors (Bug IDs 19595 and 19661). The connected documents do not provide concrete exploi...
Sun Java System Identity Manager多个安全漏洞
BUGTRAQ ID: 34191 Sun Java System Identity Manager是一个完整的端到端的保护敏感数据和管理标识配置文件与许可的解决方案。 Sun Java System Identity Manager(IdM)受多个安全漏洞影响,具体如下: 由于没有使用SSL加密某些连接,远程非特权用户可以非授权访问客户端与IdM服务器之间所传输的数据(17763)。 本地或远程非特权用户可以判断是否存在有效的IdM帐号名(18052,18104)。 在IdM服务器上拥有帐号的用户可以更改其他IdM帐号的口令(18578)。...
Sun Java System Messenger Express 6.3-0.15 - 'error' Cross-Site Scripting
source: https://www.securityfocus.com/bid/34140/info Sun Java System Messenger Express is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Sun Java System Messenger Express 6.3-0.15 - error Cross-Site Scripting
Sun Java System Messenger Express 6.3-0.15 - error Cross-Site Scripting source: https://www.securityfocus.com/bid/34140/info Sun Java System Messenger Express is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may...
Sun Java System Messenger Express XSS
Product:Sun Javatm System Messenger Express Version: 6.3-0.15 Author:syniack contact:[email protected] Vulnerable link: http://example.com/?user=admin&error="alert1; -- SyN/AcK RuLzZ...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Sun Java System Communications Express allow remote attackers to inject arbitrary web script or HTML via the 1 Full Name or 2 Subject field...
CVE-2009-0877
The CVE-2009-0877 entry describes multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express. The affected component is the web interface of Sun Java System Communications Express, where attackers can inject arbitrary web script or HTML via the Full Name or Subj...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in unspecified Portlets in Sun Java System Portal Server 7.0 and 7.1 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...
CVE-2008-6192
Multiple cross-site scripting XSS vulnerabilities in unspecified Portlets in Sun Java System Portal Server 7.0 and 7.1 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...
CVE-2008-6192
Multiple cross-site scripting XSS vulnerabilities in unspecified Portlets in Sun Java System Portal Server 7.0 and 7.1 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...
CVE-2008-6192
CVE-2008-6192 describes multiple XSS vulnerabilities in unspecified Portlets of Sun Java System Portal Server 7.0 and 7.1. The initial description notes remote injection of arbitrary scripts via unknown vectors, without concrete exploit details. Connected documents include Solaris patch reference...
CVE-2009-0609
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle 1 a long value in an ADD or 2 long string attributes, which allows remote attackers to cause a denial of service JDBC backend...
Design/Logic Flaw
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle 1 a long value in an ADD or 2 long string attributes, which allows remote attackers to cause a denial of service JDBC backend...
CVE-2009-0609
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle 1 a long value in an ADD or 2 long string attributes, which allows remote attackers to cause a denial of service JDBC backend...
CVE-2009-0576
Unspecified vulnerability in Sun Java System Directory Server 5.2 p6 and earlier, and Enterprise Edition 5, allows remote attackers to cause a denial of service daemon crash via crafted LDAP requests...
CVE-2009-0576
Sun Java System Directory Server 5.2 p6 and earlier, and Enterprise Edition 5, are affected by CVE-2009-0576. An unspecified vulnerability allows remote attackers to cause a denial of service (daemon crash) via crafted LDAP requests. The provided documents do not specify the exact root cause, vul...
CVE-2009-0576
Unspecified vulnerability in Sun Java System Directory Server 5.2 p6 and earlier, and Enterprise Edition 5, allows remote attackers to cause a denial of service daemon crash via crafted LDAP requests...
Sun Java System Directory Server 6.x < 6.3.1 LDAP JDBC Backend DoS
The remote host is running the Sun Java System Directory Server, an LDAP server from Sun Microsystems. The installed version is older than 6.3.1, and the proxy server included with such versions is reportedly affected by a denial of service vulnerability. By sending a specially crafted request to...
Sun Java System Application Server Information Disclosure vulnerability
Java Application Server is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Sun Java System/ONE Application Server Detection (HTTP)
HTTP based detection of the Sun Java System/ONE Application Server. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...