Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sun java vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2007-4025
Unspecified vulnerability in Sun Java System (SJS) Application Server 8.1 up to and including 9.0 prior to 20070724 on Windows allows remote malicious users to obtain JSP source code via unspecified vectors.
Sun Java System Application Server 8.1
Sun Java System Application Server 8.2
Sun Java System Application Server 9.0
605
VMScore
CVE-2007-5153
Unspecified vulnerability in Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 8.x container, allows remote malicious users to execute arbitrary code via unspecified vectors.
Sun Java System Access Manager 7.1
Sun Java System Application Server 8.1
Sun Java System Application Server 8.2
445
VMScore
CVE-2004-2216
Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and previous versions and 6.1 SP1 and previous versions, and Application Server 7 Update 4 and previous versions, allows remote malicious users to cause a denial of service (crash) via a malformed client certificate.
Sun Java System Application Server 7.0
Sun Java System Web Server 6.1
Sun Java System Web Server 6.0
383
VMScore
CVE-2009-1796
Cross-site scripting (XSS) vulnerability in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allows remote malicious users to inject arbitrary web script or HTML via vectors related to an error page.
Sun Java System Portal Server 6.3.1
Sun Java System Portal Server 7.1
Sun Java System Portal Server 7.2
435
VMScore
CVE-2008-0240
/idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote malicious users to inject frames from arbitrary web sites and conduct phishing attacks via the helpUrl parameter, aka "frame injection."
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
1 EDB exploit
685
VMScore
CVE-2009-1357
CRLF injection vulnerability in da/DA/Login in Sun Java System Delegated Administrator 6.2 up to and including 6.4 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the HELP_PAGE parameter.
Sun Java System Delegated Administrator 6.4
Sun Java System Delegated Administrator 6.2
Sun Java System Delegated Administrator 6.3
1 EDB exploit
445
VMScore
CVE-2008-0239
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allow remote malicious users to inject arbitrary HTML or web script via the (1) cntry or lang parameters to /idm/login.jsp, (2) resultsForm parameter to /idm/...
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
3 EDB exploits
516
VMScore
CVE-2008-0241
Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the nextPage parameter.
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
828
VMScore
CVE-2007-3715
Sun Java System Application Server and Web Server 7.0 up to and including 9.0 prior to 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent malicious users to execute an arbitrary Java method via a crafted styleshe...
Sun Java System Application Server 8.2
Sun Java System Web Server 7.0
Sun Java System Application Server 9.0
383
VMScore
CVE-2008-5114
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 up to and including 6.0 SP4, 7.0, and 7.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »