CVSS: 5.8EPSS: 2%CPEs: 1EXPL: 0CVE-2010-3544
https://notcve.org/view.php?id=CVE-2010-3544
Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect integrity and availability via unknown vectors related to Administration. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable source that this is cross-site request forgery (CSRF) that allows remote attackers to stop an instance via the management console. Una vulnerabilidad no especificada en el componente Oracle iPlanet Web Server (Sun Java System Web Server) en Sun Products Suite de Oracle versión 7.0, permite a los atacantes remotos afectar la integridad y la disponibilidad por medio de vectores desconocidos relacionados con Administration. NOTA: la información anterior fue obtenida de la CPU en octubre de 2010. • http://jvn.jp/en/jp/JVN50133036/index.html http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000042.html http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html http://www.us-cert.gov/cas/techalerts/TA10-287A.html •
CVSS: 6.4EPSS: 1%CPEs: 1EXPL: 0CVE-2010-3564 – OpenJDK kerberos vulnerability (6958060)
https://notcve.org/view.php?id=CVE-2010-3564
Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows attackers to cause a denial of service in the JVM. NOTE: CVE has not investigated the apparent discrepancy between the two vendors regarding the consequences of this issue. Una vulnerabilidad no especificada en el componente Oracle Communications Messaging Server (Sun Java System Messaging Server) en Sun Products Suite de Oracle versión 7.0, permite a los atacantes remotos afectar a la confidencialidad e integridad por medio de vectores desconocidos relacionados con Webmail. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html http://secunia.com/advisories/41972 http://secunia.com/advisories/42377 http://security.gentoo.org/glsa/glsa-201406-32.xml http://support.avaya.com/css/P8/docum •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2010-3545
https://notcve.org/view.php?id=CVE-2010-3545
Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration. Vulnerabilidad no especificada en el componente Oracle iPlanet Web Server (Sun Java System Web Server) de Oracle Sun Product Suite v7.0, permite a atacantes remotos comprometer la confidencialidad e integridad a través de vectores desconocidos relacionados con "Administration". • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html http://www.us-cert.gov/cas/techalerts/TA10-287A.html •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1CVE-2010-3514 – Oracle Sun Java System Web Server - HTTP Response Splitting
https://notcve.org/view.php?id=CVE-2010-3514
Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 6.1 and 7.0 allows remote attackers to affect integrity via unknown vectors related to Web Container. Vulnerabilidad no especificada en el componente del servidor web Oracle iPlanet (Sun Java System Web Server) en Oracle Sun Products Suite v6.1 y v7.0 permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionados con Web Container. • https://www.exploit-db.com/exploits/15290 http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html http://www.us-cert.gov/cas/techalerts/TA10-287A.html •
CVSS: 2.6EPSS: 0%CPEs: 2EXPL: 0CVE-2010-2414
https://notcve.org/view.php?id=CVE-2010-2414
Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun Java Communications Suite 7 components in Oracle Sun Products Suite 1.0 and 7.0 allows remote attackers to affect confidentiality via unknown vectors. Vulnerabilidad no especificada en los componentes (1) Sun Convergence 1 y (2) Sun Java Communications Suite 7 de Oracle Sun Products Suite v1.0 y v7.0 permite a atacantes remotos comprometer la confidencialidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html http://www.us-cert.gov/cas/techalerts/TA10-287A.html •