Lucene search
K
SunJava System Web Server

7 matches found

CVE
CVE
added 2010/01/20 4:0 p.m.115 views

CVE-2010-0361

CVE-2010-0361 affects Sun Java System Web Server (SJWS) 7.0 Update 7, specifically the WebDAV handler: a stack-based buffer overflow in the WebDAV implementation of webservd can be triggered by a long URI in an HTTP OPTIONS request. Public exploit code and reports indicate remote attacker can cau...

10CVSS7.4AI score0.80521EPSS
Web
CVE
CVE
added 2010/01/08 5:0 p.m.72 views

CVE-2010-0273

Affected product/versions: Sun Java System Web Server 7.0 Update 7 (and related disclosures mentioning 7.0 Update 6/7). Vulnerability/root cause: Remote attackers can overwrite heap memory and read memory contents by sending a malformed HTTP TRACE request containing a long URI and many empty head...

7.5CVSS7.7AI score0.03573EPSS
CVE
CVE
added 2010/01/20 4:0 p.m.71 views

CVE-2010-0360

The Sun Java System Web Server 7.0 Update 7 contains a heap-based memory overflow in the HTTP TRACE path. Specifically, a malformed TRACE request with a long URI and many empty headers can cause heap corruption and expose memory contents, enabling remote attackers to overwrite and read heap memor...

10CVSS6AI score0.03138EPSS
CVE
CVE
added 2010/01/25 7:0 p.m.69 views

CVE-2010-0387

Summary: CVE-2010-0387 affects Sun Java System Web Server 7.0 Update 7 and is caused by multiple heap-based buffer overflows in webservd and the admin server. The issue can be triggered by a long value in the Authorization: Digest HTTP header, leading to a denial of service via daemon crash and p...

7.5CVSS7.5AI score0.077EPSS
CVE
CVE
added 2010/01/08 5:0 p.m.61 views

CVE-2010-0272

CVE-2010-0272 is discussed across multiple sources as a Sun Java System Web Server 7.0–era issue. Connected Red Hat data ties CVE-2010-0360 to a heap-overflow condition caused by a malformed HTTP TRACE request that can overwrite and reveal memory contents, suggesting a related memory-overwrite vu...

7.5CVSS7AI score0.02538EPSS
CVE
CVE
added 2010/01/25 7:0 p.m.60 views

CVE-2010-0389

CVE-2010-0389 affects Sun Java System Web Server 7.0 Update 6 (admin server). The vulnerability is a NULL pointer dereference in the admin server that can be triggered by an HTTP request missing a method token, leading to a denial of service (daemon crash). OpenVAS/OpenVAS-derived entries and Red...

5CVSS6.7AI score0.01741EPSS
CVE
CVE
added 2010/01/25 7:0 p.m.57 views

CVE-2010-0388

CVE-2010-0388 affects Sun Java System Web Server 7.0 Update 6 WebDAV/WEB service (webservd). The issue is a format string vulnerability in the XML declaration encoding attribute in PROPFIND requests within WebDAV, allowing remote attackers to trigger a daemon crash (DoS) and potentially other imp...

7.5CVSS7.2AI score0.07184EPSS