Page 2 of 11 results (0.010 seconds)

CVSS: 7.5EPSS: 3%CPEs: 93EXPL: 0

Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. • http://marc.info/?l=bugtraq&m=109351293827731&w=2 http://www.securityfocus.com/bid/11015 http://xforce.iss.net/xforce/alerts/id/180 https://exchange.xforce.ibmcloud.com/vulnerabilities/16314 •

CVSS: 5.0EPSS: 28%CPEs: 12EXPL: 0

Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption). • http://marc.info/?l=bugtraq&m=107936690702515&w=2 http://secunia.com/advisories/11132 http://www.macromedia.com/devnet/security/security_zone/mpsb04-04.html http://www.securityfocus.com/bid/9877 https://exchange.xforce.ibmcloud.com/vulnerabilities/15473 •

CVSS: 5.0EPSS: 1%CPEs: 12EXPL: 0

Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption). • http://marc.info/?l=bugtraq&m=107936690702515&w=2 http://secunia.com/advisories/11130 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57517-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201713-1 http://www.securityfocus.com/bid/9877 https://exchange.xforce.ibmcloud.com/vulnerabilities/15473 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile. La instalación de Sun ONE Application Server 7.0 para Windows 2000/XP crea un fichero de estado con permisos de lectura para todo el mundo, lo que permite a usuarios locales ganar privilegios leyendo contraseñas en texto plano en el fichero de estado. • http://marc.info/?l=bugtraq&m=105409846029475&w=2 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F55221&zone_32=category%3Asecurity http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000610.1-1 http://www.ciac.org/ciac/bulletins/n-103.shtml http://www.iss.net/security_center/static/12096.php http://www.securityfocus.com/bid/7712 http://www.spidynamics.com/sunone_alert.html •

CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 2

Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Application Server 7.0 for Windows 2000/XP or (2) Sun Java System Web Server 6.1 allows remote attackers to insert arbitrary web script or HTML via an HTTP request that generates an "Invalid JSP file" error, which inserts the text in the resulting error message. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Sun ONE Application Server para Windows 2000/XP permite a atacantes remotos insertar HTML arbitrario o script mediante una petición HTTP que genera un error "Invalid JSP file", lo que inserta el texto en el mensaje de error resultante. • https://www.exploit-db.com/exploits/22665 http://marc.info/?l=bugtraq&m=105409846029475&w=2 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F55221&zone_32=category%3Asecurity http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57605 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201009-1 http://sunsolve.sun.com/search/document.do? •