Lucene search
K
SunJava System Web Server

7 matches found

CVE
CVE
added 2010/01/08 5:0 p.m.73 views

CVE-2010-0273

Affected product/versions: Sun Java System Web Server 7.0 Update 7 (and related disclosures mentioning 7.0 Update 6/7). Vulnerability/root cause: Remote attackers can overwrite heap memory and read memory contents by sending a malformed HTTP TRACE request containing a long URI and many empty head...

7.5CVSS7.7AI score0.03573EPSS
CVE
CVE
added 2010/01/25 7:0 p.m.69 views

CVE-2010-0387

Summary: CVE-2010-0387 affects Sun Java System Web Server 7.0 Update 7 and is caused by multiple heap-based buffer overflows in webservd and the admin server. The issue can be triggered by a long value in the Authorization: Digest HTTP header, leading to a denial of service via daemon crash and p...

7.5CVSS7.5AI score0.077EPSS
CVE
CVE
added 2010/01/08 5:0 p.m.61 views

CVE-2010-0272

CVE-2010-0272 is discussed across multiple sources as a Sun Java System Web Server 7.0–era issue. Connected Red Hat data ties CVE-2010-0360 to a heap-overflow condition caused by a malformed HTTP TRACE request that can overwrite and reveal memory contents, suggesting a related memory-overwrite vu...

7.5CVSS7AI score0.02538EPSS
CVE
CVE
added 2007/03/16 9:0 p.m.58 views

CVE-2007-1488

CVE-2007-1488 concerns Sun Java System Web Server 6.0 and 6.1 prior to 20070315. The initial description marks the vulnerability as unspecified and notes that remote attackers could gain unauthorized access to data (potentially involving a sample application). The connected documents confirm the ...

7.5CVSS6.5AI score0.02617EPSS
CVE
CVE
added 2007/08/07 10:0 a.m.57 views

CVE-2007-4164

CVE-2007-4164 affects Sun Java System Web Server 6.1 and 7.0; CRLF injection in the redirect SAF when url-prefix is used (escape disabled) or Error directive uses url-prefix in obj.conf, enabling remote HTTP header injection/response splitting. Affected products require patches: Web Server 6.1 pa...

7.5CVSS6.6AI score0.02465EPSS
CVE
CVE
added 2010/01/25 7:0 p.m.57 views

CVE-2010-0388

CVE-2010-0388 affects Sun Java System Web Server 7.0 Update 6 WebDAV/WEB service (webservd). The issue is a format string vulnerability in the XML declaration encoding attribute in PROPFIND requests within WebDAV, allowing remote attackers to trigger a daemon crash (DoS) and potentially other imp...

7.5CVSS7.2AI score0.07184EPSS
CVE
CVE
added 2000/08/03 4:0 a.m.51 views

CVE-2000-0629

The CVE-2000-0629 issue affects Sun Java Web Server 2.0 and earlier, where the default installation includes the bboard servlet (/servlet/sunexamples.BBoardServlet) that has a well-known vulnerability allowing an attacker to execute arbitrary commands with the web server’s privileges. This is tri...

7.5CVSS7.9AI score0.0369EPSS