Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sun java vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-4164
CRLF injection vulnerability in the redirect feature in Sun Java System Web Server 6.1 and 7.0 prior to 20070802, when the redirect Server Application Function (SAF) uses the url-prefix parameter and escape is disabled, or an Error directive uses the url-prefix parameter in obj.c...
Sun Java System Web Server 6.1
Sun Java System Web Server 7.0
7.5
CVSSv2
CVE-2000-0629
The default configuration of the Sun Java web server 2.0 and previous versions allows remote malicious users to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet.
Sun Java System Web Server 1.1.3
Sun Java System Web Server 2.0
4.3
CVSSv2
CVE-2008-2518
Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.jsp) in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, probably rela...
Sun Java System Web Server 6.1
Sun Java System Web Server 7.0
5
CVSSv2
CVE-2008-5549
Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2 allows remote malicious users to access local files and read the product's configuration information via unknown vectors related to "access to secure files by T...
Sun Java System Portal Server 7.1
Sun Java System Portal Server 7.2
6.8
CVSSv2
CVE-2010-0311
Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote malicious users to obtain administrative access via unknown vectors.
Sun Java System Identity Server 8.1.0.5
Sun Java System Identity Server 8.1.0.6
5
CVSSv2
CVE-2005-4805
Unspecified vulnerability in Sun Java System Application Server 7 Standard and Platform Edition 6 and previous versions, and 2004Q2 Standard and Platform Edition Update 2 and previous versions, allows remote malicious users to obtain the source code for Java Server pages (JSP) vi...
Sun Java System Application Server 7.0
Sun Java System Application Server 6.0
5
CVSSv2
CVE-2005-4845
The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote malicious users to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, w...
Sun Java Plug-in 1.4.2 04
Sun Java Plug-in 1.4.2 03
7.5
CVSSv2
CVE-2007-5152
Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote malicious users to perform administrative tasks.
Sun Java System Access Manager 7.1
Sun Java System Application Server 9.1
4.3
CVSSv2
CVE-2008-6192
Multiple cross-site scripting (XSS) vulnerabilities in unspecified Portlets in Sun Java System Portal Server 7.0 and 7.1 allow remote malicious users to inject arbitrary web script or HTML via unknown vectors.
Sun Java System Portal Server 7.1
Sun Java System Portal Server 7.0
7.5
CVSSv2
CVE-2007-1488
Unspecified vulnerability in Sun Java System Web Server 6.0 and 6.1 prior to 20070315 allows remote malicious users to "gain unauthorized access to data", possibly involving a sample application.
Sun Java System Web Server 6.0
Sun Java System Web Server 6.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »