929 matches found
IBM Runtimes for Java Technology XML4J Unspecified Vulnerability
This host is installed with IBM Runtime for Java Technology and is prone to unspecified vulnerability. OpenVAS Vulnerability Test $Id: gbibmjavajrexml4junspecifiedvuln.nasl 7699 2017-11-08 12:10:34Z santu $ IBM Runtimes for Java Technology XML4J Unspecified Vulnerability Authors: Nikita MR...
IBM Runtimes for Java Technology XML4J Unspecified Vulnerability
IBM Runtime for Java Technology is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
Unspecified vulnerability in the XML component in IBM Runtimes for Java Technology 5.0.0 before SR10 has unknown impact and attack vectors, related to the "updated version of XML4J 4.4.17."...
CVE-2009-3852
CVE-2009-3852 is an unspecified vulnerability in the IBM Runtimes for Java Technology XML4J component (XML4J parsing) linked to IBM XML4J 4.4.17, affecting IBM Tivoli Application Dependency Discovery Manager 7.3.0.0–7.3.0.9. The initial sources describe unknown impact/attack vectors; NVD lists a ...
[SE-2008-01] J2ME Security Vulnerabilities 2008
Dear Bugtraq, The following information might be of interest for the readers of this list. Security Explorations http://www.security-explorations.com, a new security research start-up company from Poland discovered two very serious security vulnerabilities in mobile Java technology 1 coming from...
Adobe ColdFusion多个跨站脚本及无效日志漏洞
BUGTRAQ ID: 28205,28207 CVECAN ID: CVE-2008-0643,CVE-2008-0644,CVE-2008-1203 ColdFusion MX是一款高效的网络应用服务器开发环境,具有很高的易用性和开发效率,基于标准的Java技术,可以与XML、Web Services和Microsoft.NET环境相集成。 如果ColdFusion应用的Application.cfm或Application.cfc包含有setEncoding函数的话,远程攻击者就可以通过提交恶意请求执行跨站脚本攻击。...
Adobe ColdFusion CFID/CFTOKEN会话劫持漏洞
BUGTRAQ ID: 26429 CVECAN ID: CVE-2007-5905 ColdFusion MX是一款高效的网络应用服务器开发环境,具有很高的易用性和开发效率,基于标准的Java技术,可以与XML、Web Services和Microsoft.NET环境相集成。 ColdFusion在处理用户会话时存在漏洞,远程攻击者可能利用此漏洞获取敏感信息。 对于使用ColdFusion编译的应用程序,远程攻击者可以通过CFID或CFTOKEN劫持应用程序的用户会话,然后就可以浏览敏感信息或扮演成为合法用户执行请求。使用J2EE会话管理的用户不受这个漏洞影响。 Adobe...
Sun Java Web Start dnsResolve ActiveX Buffer Overflow (CVE-2007-5019)
Java Technology is a programming platform used for web applications in numerous forms. Java provides a system for developing and deploying cross-platform applications. The vulnerability is due to a boundary error in the Sun Java Web Start ActiveX control that fails to properly handle user supplie...
CVE-2007-3496
SAP Web Dynpro Java (BC-WD-JAV) in SAP NetWeaver Nw04 SP15–SP19 and Nw04s SP7–SP11 is affected by a cross-site scripting (XSS) vulnerability that can be triggered via the User-Agent HTTP header. Affected components include SAP Java Technology Services 640 before SP20 and SAP Web Dynpro Runtime Co...