Java System Web Server@6.0 Security Vulnerabilities and Issues — Java System Web Server@6.0 CVE List

Lucene search

SunJava System Web Server6.0

9 matches found

CVE•added 2006/12/04 11:28 a.m.•45 views

CVE-2006-6276

HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used with Sun Java System Application Server or Sun Java System Web Server, allows remote attackers to bypass HTTP request filtering, hijack web sessions, perform cross-site scripting (XSS), and poison web ca...

6.8CVSS6.5AI score0.01141EPSS

CVE•added 2006/07/28 11:4 p.m.•44 views

CVE-2006-3921

Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI.

4CVSS6.1AI score0.00749EPSS

CVE•added 2007/12/28 9:46 p.m.•44 views

CVE-2007-6571

Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6611356.

4.3CVSS5.8AI score0.00293EPSS

CVE•added 2007/03/16 9:19 p.m.•43 views

CVE-2007-1488

Unspecified vulnerability in Sun Java System Web Server 6.0 and 6.1 before 20070315 allows remote attackers to "gain unauthorized access to data", possibly involving a sample application.

7.5CVSS6.5AI score0.01341EPSS

CVE•added 2005/07/17 4:0 a.m.•41 views

CVE-2004-2216

Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate.

5CVSS7AI score0.00796EPSS

CVE•added 2006/11/03 12:7 a.m.•41 views

CVE-2006-5654

Unspecified vulnerability in the Network Security Services (NSS) in Sun Java System Web Server 6.0 before SP 10 and ONE Application Server 7 before Update 3, when SSLv2 is enabled, allows remote authenticated users to cause a denial of service (application crash) via unspecified vectors. NOTE: due ...

4CVSS6AI score0.03819EPSS

CVE•added 2007/12/28 9:46 p.m.•39 views

CVE-2007-6570

Cross-site scripting (XSS) vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566309.

4.3CVSS5.8AI score0.00723EPSS

CVE•added 2007/12/28 9:46 p.m.•38 views

CVE-2007-6572

Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204.

4.3CVSS5.8AI score0.00293EPSS

CVE•added 2005/05/02 4:0 a.m.•32 views

CVE-2005-1150

Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier, when running on Windows systems, allows attackers to cause a denial of service (hang).

5CVSS6.8AI score0.00543EPSS