Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sun java vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1084
Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 does not properly restrict access to the System Configuration object, which allows remote authenticated administrators and possibly remote malicious users to have an unspecified impact by modifying this object.
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
NA
CVE-2009-0609
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 up to and including 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote malicious users to ca...
Sun Java System Directory Server 6.1
Sun Java System Directory Server 6.3
Sun Java System Directory Server 6.2
Sun Java System Directory Server 6.0
NA
CVE-2009-1074
Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 does not use SSL in all expected circumstances, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network, related to "ssl termination devices" and lack of ...
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
NA
CVE-2009-1077
The Change My Password implementation in the admin interface in Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 does not enforce the RequiresChallenge property setting, which allows remote authenticated users to change the passwords of other users, as demonstra...
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
NA
CVE-2009-1081
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs 19595 and 19661.
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
NA
CVE-2009-1082
Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 allows remote authenticated users to gain privileges by submitting crafted commands to the Admin Console, as demonstrated by privileges for account creation and other administrative capabilities, related to the sa...
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
NA
CVE-2007-0628
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 2005Q1 (6.3), and 7 2005Q4 (7.0) prior to 20070129 allow remote malicious users to inject arbitrary web script or HTML via the (1) goto or (2) gx-charset parameter. NOTE: some of the...
Sun Java System Access Manager 6.2
Sun Java System Access Manager 6.3
Sun Java System Access Manager 7.0
Sun Java System Access Manager 6.1
NA
CVE-2007-2904
Cross-site scripting (XSS) vulnerability in Sun Java System Messaging Server 6.0 up to and including 6.3, when Internet Explorer is used, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly a related issue to CVE-2006-5653.
Sun Java System Messaging Server 6.1
Sun Java System Messaging Server 6.0
Sun Java System Messaging Server 6.2
Sun Java System Messaging Server 6.3
NA
CVE-2009-4440
Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 up to and including 6.3.1 does not properly handle multiple client connections within a short time window, which allows remote malicious users to hijack the backend connection of an authentica...
Sun Java System Directory Server 6.1
Sun Java System Directory Server 6.3
Sun Java System Directory Server 6.2
Sun Java System Directory Server 6.0
NA
CVE-2009-2713
The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On (CDSSO) is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote malicious users to obtain sensitive informati...
Sun Java System Access Manager 6.3 2005q1
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.0 2005q4
Sun Java System Web Server 7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »