Lucene search
K
SunJava System Web Server

10 matches found

CVE
CVE
added 2009/08/07 6:33 p.m.76 views

CVE-2009-2713

Sun Java System Access Manager 7.0 (2005Q4) and 7.1 with Cross Domain Single Sign On enabled is affected by CVE-2009-2713. The issue is that the CDCServlet component does not ensure policy advice is presented to the correct client, enabling potential information disclosure via unspecified vectors...

4.3CVSS5.9AI score0.0171EPSS
CVE
CVE
added 2009/06/05 3:25 p.m.74 views

CVE-2009-1934

Sun Java System Web Server 6.1 (Reverse Proxy Plug-in) is vulnerable to an XSS issue (CVE-2009-1934) in scenarios that trigger a 502 Gateway error. The vulnerability affects the Reverse Proxy Plug-in before SP11, allowing remote attackers to inject arbitrary script via the query string. The avail...

4.3CVSS5.5AI score0.02235EPSS
CVE
CVE
added 2006/07/28 11:0 p.m.68 views

CVE-2006-3921

Summary (CVE-2006-3921): Affects Sun Java System Application Server (SJSAS) 7–8.1 and Web Server (SJSWS) 6.0–6.1. The issue permits remote authenticated users to read files outside the “document root” via a direct request using a UTF-8 encoded URI. The NVD entry lists a Medium base score (AV:N/AC...

4CVSS6.1AI score0.02167EPSS
CVE
CVE
added 2007/12/28 9:0 p.m.58 views

CVE-2007-6571

CVE-2007-6571 describes a cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. Affected product/version: Sun Java System Web Proxy Server 3.6 prior to SP11...

4.3CVSS5.8AI score0.01659EPSS
CVE
CVE
added 2007/12/28 9:0 p.m.56 views

CVE-2007-6570

CVE-2007-6570 describes a Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server’s View URL Database functionality. Affected software versions are Sun Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11. The vulnerability allows remote attackers to inject arbitrary web...

4.3CVSS5.8AI score0.02235EPSS
CVE
CVE
added 2008/06/03 2:0 p.m.56 views

CVE-2008-2518

CVE-2008-2518 is an XSS vulnerability in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3, affecting the advanced search (webapps/search/advanced.jsp). The underlying issue is an HTML/script injection via unspecified vectors (likely related to the next parameter). Exploitation de...

4.3CVSS5.5AI score0.01875EPSS
Web
CVE
CVE
added 2007/12/28 9:0 p.m.54 views

CVE-2007-6569

Sun Java System Web Proxy Server 4.x (and Web Server) are vulnerable to cross-site scripting in the View Error Log/related log-viewing function (BugID 6566246). The JVN entry confirms the issue is a client-side script injection via unspecified vectors, affecting the Web Server and Web Proxy Serve...

4.3CVSS5.8AI score0.01875EPSS
CVE
CVE
added 2006/11/03 12:0 a.m.53 views

CVE-2006-5654

CVE-2006-5654 concerns the NSS component used by Sun Java System Web Server 6.0 (pre-SP10) and ONE Application Server 7 (pre-Update 3) when SSLv2 is enabled, allowing remote authenticated users to cause a denial of service. Connected documents indicate related NSS issues (e.g., CVE-2006-5201) and...

4CVSS6AI score0.02044EPSS
CVE
CVE
added 2008/05/13 8:14 p.m.52 views

CVE-2008-2166

CVE-2008-2166 affects Sun Java System Web Server 6.1 (pre-SP9) and 7.0 (pre-Update 2). The issue is a cross-site scripting vulnerability in the Search module (index.jsp) caused by insufficient input sanitization, enabling remote injection of arbitrary script/HTML. The connected documents provide ...

4.3CVSS5.4AI score0.01875EPSS
CVE
CVE
added 2007/12/28 9:0 p.m.51 views

CVE-2007-6572

CVE-2007-6572 is an XSS vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1. It allows remote attackers to inject arbitrary web script or HTML via unspecified vectors (BugID 6566204). Affected components: Sun Java System Web Server 6.1 (pre-SP8) and 7.0 (pre-Update ...

4.3CVSS5.8AI score0.01659EPSS