One Application Server Security Vulnerabilities and Issues — One Application Server CVE List

Lucene search

SunOne Application Server

3 matches found

CVE•added 2003/06/30 4:0 a.m.•51 views

CVE-2003-0413

Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Application Server 7.0 for Windows 2000/XP or (2) Sun Java System Web Server 6.1 allows remote attackers to insert arbitrary web script or HTML via an HTTP request that generates an "Invalid JSP file" ...

6.8CVSS6.1AI score0.01684EPSS

CVE•added 2003/06/30 4:0 a.m.•45 views

CVE-2003-0414

The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile.

7.2CVSS7.1AI score0.00048EPSS

CVE•added 2003/06/30 4:0 a.m.•35 views

CVE-2003-0412

Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious activities.

5CVSS7.1AI score0.01092EPSS