Solaris 8 (x86) : 136986-03

Sun Java Web Console 3.0.2x86: Security fixes. Date this patch was last updated by Sun : Jun/25/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Sun Java Web Console < 3.0.5 Remote File Enumeration

According to its version, the installation of Sun Java Web Console on the remote host may allow a local or remote unprivileged user to determine the existence of files or directories in access restricted directories, which could result in a loss of confidentiality. C Tenable Network Security, Inc...

CVE-2008-1286

Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote attackers to bypass intended access restrictions and determine the existence of files or directories via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote attackers to bypass intended access restrictions and determine the existence of files or directories via unknown vectors...

CVE-2008-1286

Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote attackers to bypass intended access restrictions and determine the existence of files or directories via unknown vectors...

DSquare Exploit Pack: D2SEC_JAVAWS

Name| d2secjavaws ---|--- CVE| CVE-2008-1190 Exploit Pack| D2ExploitPack Description| Sun Java Web Start Untrusted Application Vulnerability Notes|...

CVE-2007-6572

Cross-site scripting XSS vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204...

Sun Java Web Proxy Server和Sun Java Web Server跨站脚本漏洞

BUGTRAQ ID: 26978 CNCAN ID:CNCAN-2007122401 Sun Java Web Proxy Server和Sun Java Web Server是两款基于JAVA的应用服务程序。 Sun Java Web Proxy Server和Sun Java Web Server存在输入验证问题，远程攻击者可以利用漏洞进行跨站脚本攻击，可获得敏感信息或任意脚本代码执行。 目前没有详细漏洞细节提供。 Sun Java Web Proxy Server 4.0.5 Sun Java Web Proxy Server 4.0.4 Sun Java Web Proxy...

Sun Java Web Start dnsResolve ActiveX Buffer Overflow (CVE-2007-5019)

Microsoft SQL Server is a Relational Database Management System RDBMS that can be managed through Distributed Management Objects DMO. A remote attacker can exploit this issue to execute arbitrary code on vulnerable server...

CVE-2007-5019

Buffer overflow in the Sun Java Web Start ActiveX control in Java Runtime Environment JRE 1.6.0X allows remote attackers to have an unknown impact via a long argument to the dnsResolve isInstalled.dnsResolve method...

CVE-2007-3655

Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE 5.0 Update 11 and earlier, and 6.0 Update 1 and earlier, allows remote attackers to execute arbitrary code via a long codebase attribute in a JNLP file...

CVE-2007-3655

Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE 5.0 Update 11 and earlier, and 6.0 Update 1 and earlier, allows remote attackers to execute arbitrary code via a long codebase attribute in a JNLP file...

Directory traversal

Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.213 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite...

CVE-2007-3504

Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.213 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite...

CVE-2007-3504

Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.213 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite...

CVE-2007-3504

Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.213 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite...

Stack overflow

Multiple stack-based buffer overflows in the SOCKS proxy support sockd in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation...

CVE-2007-2881

Sun Java System Web Proxy Server (sockd) is affected by a buffer overflow in the SOCKS proxy support during protocol negotiation. The issue resides in the sockd daemon and can allow a remote attacker to execute arbitrary code with the privileges of the SOCKS server; impact is described as remote ...

Sun Java Web Console LibWebconsole_Services.SO Remote Format String

The remote host is running SUN Java Web Console. The remote version of this service does not properly sanitize calls to the syslog function. By sending a specially crafted request it is possible to exploit this format string error. An attacker can exploit it to execute code with the privileges of...

Format string

Format string vulnerability in libwebconsoleservices.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service application crash, obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt,...