Java System Web Server Security Vulnerabilities and Issues — Java System Web Server CVE List

Lucene search

SunJava System Web Server

6 matches found

CVE•added 2009/07/13 5:30 p.m.•47 views

CVE-2009-2445

Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI.

5CVSS6.6AI score0.0082EPSS

CVE•added 2010/01/25 7:30 p.m.•46 views

CVE-2010-0389

The admin server in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP request that lacks a method token.

5CVSS6.7AI score0.00444EPSS

CVE•added 2005/07/17 4:0 a.m.•41 views

CVE-2004-2216

Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate.

5CVSS7AI score0.00796EPSS

CVE•added 2005/06/08 4:0 a.m.•35 views

CVE-2005-1889

Unknown vulnerability in Sun ONE Application Server 6.5 SP1 Maintenance Update 6 and earlier allows attackers to read files.

5CVSS6.9AI score0.0035EPSS

CVE•added 2008/05/09 3:20 p.m.•34 views

CVE-2008-2120

Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain source code of JSP files via unknown vectors.

5CVSS6.8AI score0.00638EPSS

CVE•added 2005/05/02 4:0 a.m.•32 views

CVE-2005-1150

Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier, when running on Windows systems, allows attackers to cause a denial of service (hang).

5CVSS6.8AI score0.00543EPSS