11 matches found
CVE-2008-4541
Sun Java System Web Proxy Server (Sun Microsystems) is affected by CVE-2008-4541 due to a heap-based buffer overflow in the FTP subsystem. The vulnerability exists in versions 4.0 through 4.0.7 and can be triggered by processing a crafted HTTP GET request, potentially allowing remote code executi...
CVE-2007-2881
Sun Java System Web Proxy Server (sockd) is affected by a buffer overflow in the SOCKS proxy support during protocol negotiation. The issue resides in the sockd daemon and can allow a remote attacker to execute arbitrary code with the privileges of the SOCKS server; impact is described as remote ...
CVE-2006-6276
Sun Java System Proxy Server versions prior to 20061130 are affected by an HTTP request smuggling vulnerability when used with Sun Java System Application Server or Sun Java System Web Server. Exploitation could bypass HTTP request filtering, enable web session hijacking, permit cross-site script...
CVE-2005-4806
CVE-2005-4806 affects Sun Java System Web Proxy Server 3.6 SP7 and earlier. The vulnerability is described as multiple unspecified remote vulnerabilities that allow an attacker to cause a denial of service (unresponsive service) via unknown vectors. The provided sources identify the affected prod...
CVE-2007-6571
CVE-2007-6571 describes a cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. Affected product/version: Sun Java System Web Proxy Server 3.6 prior to SP11...
CVE-2004-1350
Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3.6–3.6 SP4 contains multiple buffer overflows that allow remote attackers to execute arbitrary code via unknown vectors, possibly CONNECT requests. The issue affects the proxy server’s handling of input in its network-facing compon...
CVE-2005-1232
CVE-2005-1232 pertains to Sun Java System Web Proxy Server (also Sun ONE Proxy Server) 3.6 SP6. The vulnerability is described as a buffer overflow that could allow remote code execution via unknown vectors. The connected Nessus plugin cites an upgrade path to 3.6 SP7 or higher as a remediation. ...
CVE-2007-6570
CVE-2007-6570 describes a Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server’s View URL Database functionality. Affected software versions are Sun Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11. The vulnerability allows remote attackers to inject arbitrary web...
CVE-2007-6569
Sun Java System Web Proxy Server 4.x (and Web Server) are vulnerable to cross-site scripting in the View Error Log/related log-viewing function (BugID 6566246). The JVN entry confirms the issue is a client-side script injection via unspecified vectors, affecting the Web Server and Web Proxy Serve...
CVE-2007-6572
CVE-2007-6572 is an XSS vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1. It allows remote attackers to inject arbitrary web script or HTML via unspecified vectors (BugID 6566204). Affected components: Sun Java System Web Server 6.1 (pre-SP8) and 7.0 (pre-Update ...
CVE-2008-3683
The CVE-2008-3683 affects Sun Java System Web Proxy Server 4.0–4.0.5 prior to SP6, where an unspecified vulnerability in the FTP subsystem can allow remote attackers to trigger a denial of service by exhausting file descriptors (failure to accept new connections). The issue is described as unknow...