Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sun java vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2009-1075
Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 responds differently to failed use of the Forgot Password feature depending on whether the user account exists, which allows remote malicious users to enumerate valid usernames.
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
4
CVSSv2
CVE-2009-1078
Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 does not enforce the expected privilege requirements for (1) deleting audit policies and (2) modifying workflows, which allows remote authenticated users to have an unspecified impact.
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
4.3
CVSSv2
CVE-2009-1079
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs 19659, 19660, and 19683.
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
4.3
CVSSv2
CVE-2009-1080
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID 19033.
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
9
CVSSv2
CVE-2009-1083
Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 on Linux, AIX, Solaris, and HP-UX permits "control characters" in the passwords of user accounts, which allows remote malicious users to execute arbitrary commands via vectors involving "resource ad...
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
4.3
CVSSv2
CVE-2007-0628
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 2005Q1 (6.3), and 7 2005Q4 (7.0) prior to 20070129 allow remote malicious users to inject arbitrary web script or HTML via the (1) goto or (2) gx-charset parameter. NOTE: some of the...
Sun Java System Access Manager 6.2
Sun Java System Access Manager 6.3
Sun Java System Access Manager 7.0
Sun Java System Access Manager 6.1
5
CVSSv2
CVE-2009-1076
Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 responds differently to failed use of the end-user question-based login feature depending on whether the user account exists, which allows remote malicious users to enumerate valid usernames.
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
7.8
CVSSv2
CVE-2009-0609
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 up to and including 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote malicious users to ca...
Sun Java System Directory Server 6.1
Sun Java System Directory Server 6.3
Sun Java System Directory Server 6.2
Sun Java System Directory Server 6.0
6.8
CVSSv2
CVE-2009-4440
Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 up to and including 6.3.1 does not properly handle multiple client connections within a short time window, which allows remote malicious users to hijack the backend connection of an authentica...
Sun Java System Directory Server 6.1
Sun Java System Directory Server 6.3
Sun Java System Directory Server 6.2
Sun Java System Directory Server 6.0
4.3
CVSSv2
CVE-2009-2713
The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On (CDSSO) is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote malicious users to obtain sensitive informati...
Sun Java System Access Manager 6.3 2005q1
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.0 2005q4
Sun Java System Web Server 7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5841
file upload
man-in-the-middle
arbitrary
CVE-2024-27801
CVE-2024-28020
CVE-2024-30080
CVE-2024-30069
CVE-2024-5843
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »