Page 2 of 11 results (0.010 seconds)

CVSS: 6.8EPSS: 1%CPEs: 20EXPL: 0

Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 and earlier, Java System Web Server 6.1 SP4 and earlier, Sun ONE Application Server 7 Platform and Standard Edition Update 6 and earlier, and Java System Application Server 7 2004Q2 Standard and Enterprise Edition Update 2 and earlier, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving error messages. • http://jvn.jp/jp/JVN%2303D5EAA8/index.html http://secunia.com/advisories/20147 http://securitytracker.com/id?1016125 http://securitytracker.com/id?1016126 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102164-1 http://www.kb.cert.org/vuls/id/114956 http://www.securityfocus.com/bid/18035 http://www.vupen.com/english/advisories/2006/1866 https://exchange.xforce.ibmcloud.com/vulnerabilities/26550 •

CVSS: 5.0EPSS: 4%CPEs: 13EXPL: 0

Unspecified vulnerability in Sun Java System Application Server 7 Standard and Platform Edition 6 and earlier, and 2004Q2 Standard and Platform Edition Update 2 and earlier, allows remote attackers to obtain the source code for Java Server pages (JSP) via unknown vectors. • http://secunia.com/advisories/17164 http://securitytracker.com/id?1015047 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101910-1 http://www.osvdb.org/19950 http://www.securityfocus.com/bid/15084 •

CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0

Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java System Application Server Standard Edition 7 2004Q2, Application Server Enterprise Edition 8.1 2005Q1, and Sun ONE Application Server 7 Standard Edition, as used in multiple web servers, allows remote attackers to conduct man-in-the-middle (MITM) attacks and "compromise data privacy." • http://secunia.com/advisories/17873 http://securitytracker.com/id?1015312 http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102012-1 http://www.securityfocus.com/bid/15728 http://www.vupen.com/english/advisories/2005/2753 •

CVSS: 4.3EPSS: 1%CPEs: 8EXPL: 0

Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-57742-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200314-1 http://www.securityfocus.com/bid/12775 •

CVSS: 5.0EPSS: 2%CPEs: 13EXPL: 0

Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate. • http://secunia.com/advisories/13072 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101589-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57669-1 http://www.osvdb.org/11383 http://www.securityfocus.com/bid/11593 https://exchange.xforce.ibmcloud.com/vulnerabilities/17941 •