Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sun java vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2009-0348
The login module in Sun Java System Access Manager 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1 responds differently to a failed login attempt depending on whether the user account exists, which allows remote malicious users to enumerate valid usernames.
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.1
Sun Java System Access Manager 6.3 2005q1
1 EDB exploit
4.3
CVSSv2
CVE-2009-1796
Cross-site scripting (XSS) vulnerability in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allows remote malicious users to inject arbitrary web script or HTML via vectors related to an error page.
Sun Java System Portal Server 7.1
Sun Java System Portal Server 7.2
Sun Java System Portal Server 6.3.1
4.3
CVSSv2
CVE-2007-4025
Unspecified vulnerability in Sun Java System (SJS) Application Server 8.1 up to and including 9.0 prior to 20070724 on Windows allows remote malicious users to obtain JSP source code via unspecified vectors.
Sun Java System Application Server 8.1
Sun Java System Application Server 8.2
Sun Java System Application Server 9.0
6
CVSSv2
CVE-2009-0170
Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by visiting the Configuration Items component in the console.
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7.0 2005q4
Sun Java System Access Manager 6.3
4.3
CVSSv2
CVE-2009-4187
Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sun Java System Portal Server 7.2
Sun Java System Portal Server 7.1
Sun Java System Portal Server 6.3.1
Sun Java System Portal Server 6.3.1
Sun Java System Portal Server 7.1
Sun Java System Portal Server 7.2
10
CVSSv2
CVE-2008-2404
Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server prior to 4.0.3 allows remote malicious users to execute arbitrary code via an unspecified string field.
Sun Java Asp Server 4.0
Sun Java Asp Server
5
CVSSv2
CVE-2008-2402
The Admin Server in Sun Java Active Server Pages (ASP) Server prior to 4.0.3 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to read password hashes and configuration data via direct requests for unspecified do...
Sun Java Asp Server 4.0
Sun Java Asp Server
7.5
CVSSv2
CVE-2008-2406
The administration application server in Sun Java Active Server Pages (ASP) Server prior to 4.0.3 allows remote malicious users to bypass authentication via direct requests on TCP port 5102.
Sun Java Asp Server 4.0
Sun Java Asp Server
4.3
CVSSv2
CVE-2006-5486
Cross-site scripting (XSS) vulnerability in Webmail in Sun Java System Messaging Server 6.0 up to and including 6.2 and iPlanet Messaging Server 5.2 allows remote malicious users to execute arbitrary Javascript via crafted messages.
Sun Java System Messaging Server 6.2
Sun Iplanet Messaging Server 5.2
Sun Java System Messaging Server 6.0
Sun Java System Messaging Server 6.1
5
CVSSv2
CVE-2005-4845
The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote malicious users to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, w...
Sun Java Plug-in 1.4.2 03
Sun Java Plug-in 1.4.2 04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »