Lucene search

Java System Web Server Security Vulnerabilities - CVSS Score 5 - 6

cve

CVE-2004-2216

Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate.

7AI Score

0.021EPSS

2005-07-17 04:00 AM

cve

CVE-2005-1150

Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier, when running on Windows systems, allows attackers to cause a denial of service (hang).

6.8AI Score

0.018EPSS

2005-05-02 04:00 AM

cve

CVE-2005-1889

Unknown vulnerability in Sun ONE Application Server 6.5 SP1 Maintenance Update 6 and earlier allows attackers to read files.

6.9AI Score

0.002EPSS

2005-06-08 04:00 AM

cve

CVE-2008-2120

Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain source code of JSP files via unknown vectors.

6.8AI Score

0.006EPSS

2008-05-09 03:20 PM

cve

CVE-2009-2445

Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI.

6.6AI Score

0.199EPSS

2009-07-13 05:30 PM

cve

CVE-2010-0389

The admin server in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP request that lacks a method token.

6.7AI Score

0.009EPSS

2010-01-25 07:30 PM