13 matches found
Sun Java System Web Server 6.1/7.0 WebDAV Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37910/info Sun Java System Web Server is prone to a format-string vulnerability because it fails to properly sanitize user-supplied input. The issue affects the WebDAV functionality. Currently very few technical details a...
Oracle OpenSSO 8.0 Cross Site Scripting
Oracle OpenSSO 8.0 Multiple XSS POST Injection Vulnerabilities...
CVE-2010-0388
Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in the encoding attribute of the XML declaratio...
Heap overflow
Multiple heap-based buffer overflows in (1) webservd and (2) the admin server in Sun Java System Web Server 7.0 Update 7 allow remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via a long string in an "Authorization: Digest" HTTP header...
Null pointer dereference
The admin server in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP request that lacks a method token...
Sun Java System Web Server 7.0 Update 6 - admin Server Denial of Service
Source: https://www.securityfocus.com/bid/37909/info Sun Java System Web Server is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, denying service to legitima...
CVE-2010-0273
Unspecified vulnerability in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attackers to execute arbitrary code by sending a process memory address and crafted data to TCP port 80, as demonstrated by the vdsjws2 module in VulnDisco. NOTE: as of 20100106, this disclosure has no...
CVE-2009-3878
Buffer overflow in Sun Java System Web Server 7.0 Update 6 has unspecified impact and remote attack vectors, as demonstrated by the vdsjws module in VulnDisco Pack Professional 8.12. NOTE: as of 20091105, this disclosure has no actionable information. However, because the VulnDisco Pack author is...
Buffer overflow
Buffer overflow in Sun Java System Web Server 7.0 Update 6 has unspecified impact and remote attack vectors, as demonstrated by the vdsjws module in VulnDisco Pack Professional 8.12. NOTE: as of 20091105, this disclosure has no actionable information. However, because the VulnDisco Pack author is...
CVE-2009-3878
Buffer overflow in Sun Java System Web Server 7.0 Update 6 has unspecified impact and remote attack vectors, as demonstrated by the vdsjws module in VulnDisco Pack Professional 8.12. NOTE: as of 20091105, this disclosure has no actionable information. However, because the VulnDisco Pack author is...
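Sun Java System Web Server Unspecified Remote Buffer Overflow Vulnerability
Bugtraq ID: 36813 Sun Java System Web Server is a Java-based web server. Sun Java System Web Server has an unspecified security vulnerability that remote attackers can exploit to trigger a buffer overflow, which can lead to arbitrary code execution. No detailed vulnerability information is currently available. Sun Java System Web Server 7.0 Update 6. No solution is currently available: http://wwws.sun.com/software/products/websrvr/homewebsrvr.html...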
CVE-2008-2166
CVE-2008-2166 affects Sun Java System Web Server 6.1 (pre-SP9) and 7.0 (pre-Update 2). The issue is a cross-site scripting vulnerability in the Search module (index.jsp) caused by insufficient input sanitization, enabling remote injection of arbitrary script/HTML. The connected documents provide ...
Code injection
Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain source code of JSP files via unknown vectors...