Lucene search
K
SunJava System Web Server

8 matches found

CVE
CVE
added 2007/07/11 11:0 p.m.93 views

CVE-2007-3715

CVE-2007-3715 affects Sun Java System Application Server and Web Server (7.0–9.0 prior to 20070710). The issue arises in XSLT transforms used in XML signatures, where an attacker could craft a stylesheet to trigger a context-dependent Java method execution, enabling remote code execution. The des...

9.3CVSS6.6AI score0.02288EPSS
CVE
CVE
added 2007/03/20 8:0 p.m.63 views

CVE-2007-1526

CVE-2007-1526 affects Sun Java System Web Server 6.1 prior to 20070314. The flaw allows remote authenticated users with revoked client certificates to bypass CRL checks and access secure web server instances running under a different admin account via unspecified vectors. Remediation in the conne...

6CVSS6.2AI score0.00908EPSS
CVE
CVE
added 2007/12/28 9:0 p.m.58 views

CVE-2007-6571

CVE-2007-6571 describes a cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. Affected product/version: Sun Java System Web Proxy Server 3.6 prior to SP11...

4.3CVSS5.8AI score0.01659EPSS
CVE
CVE
added 2007/03/16 9:0 p.m.57 views

CVE-2007-1488

CVE-2007-1488 concerns Sun Java System Web Server 6.0 and 6.1 prior to 20070315. The initial description marks the vulnerability as unspecified and notes that remote attackers could gain unauthorized access to data (potentially involving a sample application). The connected documents confirm the ...

7.5CVSS6.5AI score0.02617EPSS
CVE
CVE
added 2007/08/07 10:0 a.m.56 views

CVE-2007-4164

CVE-2007-4164 affects Sun Java System Web Server 6.1 and 7.0; CRLF injection in the redirect SAF when url-prefix is used (escape disabled) or Error directive uses url-prefix in obj.conf, enabling remote HTTP header injection/response splitting. Affected products require patches: Web Server 6.1 pa...

7.5CVSS6.6AI score0.02465EPSS
CVE
CVE
added 2007/12/28 9:0 p.m.56 views

CVE-2007-6570

CVE-2007-6570 describes a Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server’s View URL Database functionality. Affected software versions are Sun Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11. The vulnerability allows remote attackers to inject arbitrary web...

4.3CVSS5.8AI score0.02235EPSS
CVE
CVE
added 2007/12/28 9:0 p.m.53 views

CVE-2007-6569

Sun Java System Web Proxy Server 4.x (and Web Server) are vulnerable to cross-site scripting in the View Error Log/related log-viewing function (BugID 6566246). The JVN entry confirms the issue is a client-side script injection via unspecified vectors, affecting the Web Server and Web Proxy Serve...

4.3CVSS5.8AI score0.01875EPSS
CVE
CVE
added 2007/12/28 9:0 p.m.51 views

CVE-2007-6572

CVE-2007-6572 is an XSS vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1. It allows remote attackers to inject arbitrary web script or HTML via unspecified vectors (BugID 6566204). Affected components: Sun Java System Web Server 6.1 (pre-SP8) and 7.0 (pre-Update ...

4.3CVSS5.8AI score0.01659EPSS