Java Asp Server Security Vulnerabilities and Issues — Java Asp Server CVE List

Lucene search

SunJava Asp Server

4 matches found

CVE•added 2008/06/04 8:32 p.m.•52 views

CVE-2008-2404

Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field.

10CVSS8.1AI score0.12951EPSS

CVE•added 2008/06/04 8:32 p.m.•40 views

CVE-2008-2406

The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102.

7.5CVSS6.9AI score0.00958EPSS

CVE•added 2008/06/04 8:32 p.m.•38 views

CVE-2008-2403

Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method.

10CVSS6.8AI score0.00995EPSS

CVE•added 2008/06/04 8:32 p.m.•36 views

CVE-2008-2402

The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read password hashes and configuration data via direct requests for unspecified documents.

5CVSS6.4AI score0.0039EPSS