Java System Application Server Security Vulnerabilities and Issues — Java System Application Server CVE List

Lucene search

SunJava System Application Server

5 matches found

CVE•added 2007/07/11 11:30 p.m.•60 views

CVE-2007-3715

Sun Java System Application Server and Web Server 7.0 through 9.0 before 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3716.

9.3CVSS6.6AI score0.06839EPSS

CVE•added 2007/07/26 7:30 p.m.•41 views

CVE-2007-4025

Unspecified vulnerability in Sun Java System (SJS) Application Server 8.1 through 9.0 before 20070724 on Windows allows remote attackers to obtain JSP source code via unspecified vectors.

4.3CVSS6.9AI score0.00733EPSS

CVE•added 2007/10/01 5:17 a.m.•41 views

CVE-2007-5152

Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks.

7.5CVSS6.9AI score0.01807EPSS

CVE•added 2007/10/01 5:17 a.m.•40 views

CVE-2007-5153

Unspecified vulnerability in Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 8.x container, allows remote attackers to execute arbitrary code via unspecified vectors.

6.8CVSS7.7AI score0.03813EPSS

CVE•added 2007/08/23 7:17 p.m.•36 views

CVE-2007-4511

The Sun Admin Console in Sun Application Server 9.0_0.1 does not apply certain configuration changes persistently, which causes the (1) SSL and (2) SSL_MutualAuth ORB listener services to enable all protocols and ciphers after the services are restarted, possibly allowing remote attackers to bypass...

5CVSS6.7AI score0.00262EPSS