NotCVE - vendor:"Sun" product:"One Application Server" version:" <= 7.0"

Page 3 of 13 results (0.003 seconds)

CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 2

CVE-2003-0413 – Sun ONE Application Server 7.0 - Error Message Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2003-0413

Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Application Server 7.0 for Windows 2000/XP or (2) Sun Java System Web Server 6.1 allows remote attackers to insert arbitrary web script or HTML via an HTTP request that generates an "Invalid JSP file" error, which inserts the text in the resulting error message. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Sun ONE Application Server para Windows 2000/XP permite a atacantes remotos insertar HTML arbitrario o script mediante una petición HTTP que genera un error "Invalid JSP file", lo que inserta el texto en el mensaje de error resultante. • https://www.exploit-db.com/exploits/22665 http://marc.info/?l=bugtraq&m=105409846029475&w=2 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F55221&zone_32=category%3Asecurity http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57605 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201009-1 http://sunsolve.sun.com/search/document.do? •

CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 0

CVE-2002-0387

https://notcve.org/view.php?id=CVE-2002-0387

Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL. Desbordamiento de búfer en el conector gxnsapi6.dll del Módulo Conector de Sun ONE Application Server anterior a 6.5 permite a atacantes remotos ejecutar código arbitrario mediante una URL larga en una petición HTTP. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/52022 http://www.atstake.com/research/advisories/2003/a031303-1.txt http://www.ciac.org/ciac/bulletins/n-064.shtml http://www.securityfocus.com/bid/7082 https://exchange.xforce.ibmcloud.com/vulnerabilities/11529 •

CVSS: 5.0EPSS: 32%CPEs: 26EXPL: 2

CVE-2002-1042 – iPlanet Web Server 4.1 - Search Component File Disclosure

https://notcve.org/view.php?id=CVE-2002-1042

Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter. • https://www.exploit-db.com/exploits/21603 http://archives.neohapsis.com/archives/bugtraq/2002-07/0085.html http://www.iss.net/security_center/static/9517.php http://www.securityfocus.com/bid/5191 •

1 2 3