3 matches found
CVE-2009-2704
The CVE-2009-2704 issue affects CA SiteMinder and related entries, where a %00 (encoded null byte) in GET parameters could bypass J2EE XSS protections. Root cause: improper filtering of user-supplied request parameters in SiteMinder, enabling bypass of XSS protections. Documented impact is by...
CVE-2009-2705
CVE-2009-2705 affects CA SiteMinder. The vulnerability allows remote attackers to bypass J2EE application XSS protections by submitting a request that uses non-canonical, overlong Unicode in place of blacklisted characters, enabling cross-site scripting bypasses. Documented impact is limited to b...
CVE-2003-1573
The CVE-2003-1573 entry concerns the PointBase 4.6 database component used in the J2EE 1.4 reference implementation (J2EE/RI). The vulnerability allows remote attackers to execute arbitrary programs, cause a denial of service, and obtain sensitive information through a crafted SQL statement. Root...