Java System Access Manager Security Vulnerabilities and Issues — Java System Access Manager CVE List

Lucene search

SunJava System Access Manager

3 matches found

CVE•added 2008/06/30 10:41 p.m.•51 views

CVE-2008-2945

Sun Java System Access Manager 6.3 through 7.1 and Sun Java System Identity Server 6.1 and 6.2 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-2007-3715...

7.5CVSS7.2AI score0.06839EPSS

CVE•added 2008/06/16 6:41 p.m.•36 views

CVE-2008-2705

Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, when used with certain versions and configurations of Sun Directory Server Enterprise Edition (DSEE), allows remote attackers to bypass authentication via unspecified vectors.

9.3CVSS7AI score0.0035EPSS

CVE•added 2008/03/08 12:44 a.m.•31 views

CVE-2008-1204

Multiple cross-site scripting (XSS) vulnerabilities in the Administration Console in Sun Java System Access Manager 7.1 and 7 2005Q4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) Help and (2) Version windows.

4.3CVSS5.8AI score0.00293EPSS