CVE-2008-5098

CVE-2008-5098 is an XSS vulnerability in Sun Java System Messaging Server versions 6.2 and 6.3. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, and it is noted as a different vulnerability from CVE-2007-2904. The connected sources provide the affe...

Sun Java System Identity Manager Version Detection (deprecated)

Binary data 4755.prm...

Sun Java System Identity Manager 6.07.x - Multiple Vulnerabilities

Sun Java System Identity Manager 6.07.x - Multiple Vulnerabilities...

Sun Java System Identity Manager 6.0/7.x - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/32262/info Sun Java System Identity Manager is prone to multiple web-interface vulnerabilities, including a cross-site request-forgery issue, multiple cross-site scripting issues, multiple HTML-injection issues, and a directory-traversal vulnerability...

CVE-2008-4910

The BasicService in Sun Java Web Start allows remote attackers to execute arbitrary programs on a client machine via a file:// URL argument to the showDocument method...

CVE-2008-4910

CVE-2008-4910 affects Sun Java Web Start (BasicService). The vulnerability allows a remote attacker to execute arbitrary programs on a client machine by passing a file:// URL argument to the showDocument method. Impact is described as remote code execution with full confidentiality/integrity/avai...

Sun Java System LDAP JDK搜索功能信息泄漏漏洞

BUGTRAQ ID: 31905 CNCAN ID：CNCAN-2008102503 Sun Java System LDAP是一款LDAP协议实现。 Sun Java System LDAP JDK搜索功能存在安全问题，本地攻击者可以利用漏洞获得使用LDAP JDK库应用程序的敏感信息。 目前没有详细漏洞细节提供。 Sun Java System LDAP JDK 4.19 Sun Java System Access Manager 7.1 Windows Sun Java System Access Manager 7.1 Solaris x86 Sun Java System...

CVE-2008-4747

Unspecified vulnerability in the search feature in Sun Java System LDAP JDK before 4.20 allows context-dependent attackers to obtain sensitive information via unknown attack vectors related to the LDAP JDK library...

Design/Logic Flaw

Unspecified vulnerability in the search feature in Sun Java System LDAP JDK before 4.20 allows context-dependent attackers to obtain sensitive information via unknown attack vectors related to the LDAP JDK library...

CVE-2008-4747

Unspecified vulnerability in the search feature in Sun Java System LDAP JDK before 4.20 allows context-dependent attackers to obtain sensitive information via unknown attack vectors related to the LDAP JDK library...

CVE-2008-4747

CVE-2008-4747 affects Sun Java System LDAP JDK before 4.20, with a vulnerability in the search feature that may allow context-dependent attackers to obtain sensitive information via LDAP JDK library vectors. The NVD entry lists a low impact (CVSS v2: 2.1, local access, partial confidentiality imp...

Sun Java WebStart multiple security vulnerabilities

Sandbox limitation bypass, buffer overflow...

Sun Java Web Start 1.0/1.2 - Remote Command Execution

source: https://www.securityfocus.com/bid/31916/info Sun Java Web Start is prone to a remote command-execution vulnerability. Successful exploits may allow attackers to execute arbitrary commands on an unsuspecting user's computer. This may aid in further attacks. We don't know which versions of...

Sun Java Web Start 1.01.2 - Remote Command Execution

Sun Java Web Start 1.01.2 - Remote Command Execution source: https://www.securityfocus.com/bid/31916/info Sun Java Web Start is prone to a remote command-execution vulnerability. Successful exploits may allow attackers to execute arbitrary commands on an unsuspecting user's computer. This may aid...

Java Web Start, arbitrary file creation (6703909)

Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909...

security flaw

Unspecified vulnerability in Sun Java Runtime Environment JRE in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted 1 application or 2 applet, a different...

Sun Java系统Web代理服务器FTP子系统堆溢出漏洞

BUGTRAQ ID: 31691 CVECAN ID: CVE-2008-4541 Sun Java System Web Proxy Server是一款基于WEB的代理服务程序。 Sun Java Web代理服务器的FTP子系统没有正确地处理FTP资源。如果远程攻击者向有漏洞的服务器发送了恶意的HTTP GET请求的话，就可以触发堆溢出，导致执行任意指令。 Sun Java System Web Proxy Server 4.0 - 4.0.7 Sun已经为此发布了一个安全公告（Sun-Alert-242986）以及相应补丁: Sun-Alert-242986：A Heap...

mozff_sunjava_dos.txt

applet...

Sun Java System Web Proxy Server Two Vulnerabilities (Linux)

This host has Sun Java Web Proxy Server running, which is prone to heap buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavawebporxysvrvulnlin.nasl 7174 2017-09-18 11:48:08Z asteins $ Sun Java System Web Proxy Server Two Vulnerabilities Linux Authors: Chandan S Copyright:...

Sun Java System Web Proxy Server Vulnerabilities (Windows)

This host has Sun Java Web Proxy Server running, which is prone to heap buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavawebporxysvrvulnwin.nasl 6605 2017-07-07 11:22:07Z cfischer $ Sun Java System Web Proxy Server Vulnerabilities Windows Authors: Chandan S Copyright:...