Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sun java system access manager 6.3 2005q1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2712
Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files.
Sun Java System Access Manager 6.3 2005q1
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.0 2005q4
Sun Java System Web Server 7.0
Sun Opensso Enterprise 8.0
NA
CVE-2009-2713
The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On (CDSSO) is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote malicious users to obtain sensitive informati...
Sun Java System Access Manager 6.3 2005q1
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.0 2005q4
Sun Java System Web Server 7.0
NA
CVE-2009-0348
The login module in Sun Java System Access Manager 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1 responds differently to a failed login attempt depending on whether the user account exists, which allows remote malicious users to enumerate valid usernames.
Sun Java System Access Manager 6.3 2005q1
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7 2005q4
1 EDB exploit
NA
CVE-2009-0170
Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by visiting the Configuration Items component in the console.
Sun Java System Access Manager 7.1
Sun Java System Access Manager 6.3
Sun Java System Access Manager 7.0 2005q4
NA
CVE-2007-0628
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 2005Q1 (6.3), and 7 2005Q4 (7.0) prior to 20070129 allow remote malicious users to inject arbitrary web script or HTML via the (1) goto or (2) gx-charset parameter. NOTE: some of the...
Sun Java System Access Manager 6.2
Sun Java System Access Manager 6.3
Sun Java System Access Manager 7.0
Sun Java System Access Manager 6.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started