One Web Server@6.1 Security Vulnerabilities and Issues — One Web Server@6.1 CVE List

Lucene search

SunOne Web Server6.1

4 matches found

CVE•added 2004/12/31 5:0 a.m.•142 views

CVE-2004-0826

Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.

7.5CVSS7.7AI score0.02995EPSS

CVE•added 2009/06/01 10:30 p.m.•89 views

CVE-2004-2763

The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.

5.8CVSS5.9AI score0.00408EPSS

CVE•added 2005/07/05 4:0 a.m.•54 views

CVE-2005-2094

Sun SunONE web server 6.1 SP1 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes SunONE to incorrectly handle and forward t...

4.3CVSS6.4AI score0.01559EPSS

CVE•added 2009/06/05 4:0 p.m.•50 views

CVE-2009-1934

Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error.

4.3CVSS5.5AI score0.00603EPSS