CVSS: 4.0EPSS: 0%CPEs: 25EXPL: 0CVE-2006-3921
https://notcve.org/view.php?id=CVE-2006-3921
Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI. Sun Java System Application Server (SJSAS) 7 hasta la 8.1 y Web Server (SJSWS) 6.0 y 6.1 permite a usuarios remotos validados leer archivos fuera del "directorio de documentos del root" a través de respuesta directas utilizando una codificación URI UTF-8. • http://secunia.com/advisories/21251 http://secunia.com/advisories/22425 http://securitytracker.com/id?1016596 http://securitytracker.com/id?1016597 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102521-1 http://support.avaya.com/elmodocs2/security/ASA-2006-204.htm http://www.securityfocus.com/bid/19200 http://www.vupen.com/english/advisories/2006/3020 https://exchange.xforce.ibmcloud.com/vulnerabilities/28061 •
CVSS: 6.8EPSS: 1%CPEs: 20EXPL: 0CVE-2006-2501
https://notcve.org/view.php?id=CVE-2006-2501
Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 and earlier, Java System Web Server 6.1 SP4 and earlier, Sun ONE Application Server 7 Platform and Standard Edition Update 6 and earlier, and Java System Application Server 7 2004Q2 Standard and Enterprise Edition Update 2 and earlier, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving error messages. • http://jvn.jp/jp/JVN%2303D5EAA8/index.html http://secunia.com/advisories/20147 http://securitytracker.com/id?1016125 http://securitytracker.com/id?1016126 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102164-1 http://www.kb.cert.org/vuls/id/114956 http://www.securityfocus.com/bid/18035 http://www.vupen.com/english/advisories/2006/1866 https://exchange.xforce.ibmcloud.com/vulnerabilities/26550 •
CVSS: 5.0EPSS: 9%CPEs: 8EXPL: 0CVE-2005-4806
https://notcve.org/view.php?id=CVE-2005-4806
Multiple unspecified vulnerabilities in Sun Java System Web Proxy Server 3.6 SP7 and earlier allow remote attackers to cause a denial of service (unresponsive service) via unknown vectors. • http://secunia.com/advisories/16757 http://securitytracker.com/id?1014875 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101913-1 http://www.vupen.com/english/advisories/2005/1689 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2005-1889
https://notcve.org/view.php?id=CVE-2005-1889
Unknown vulnerability in Sun ONE Application Server 6.5 SP1 Maintenance Update 6 and earlier allows attackers to read files. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-101690-1 http://www.vupen.com/english/advisories/2005/0695 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2005-1232
https://notcve.org/view.php?id=CVE-2005-1232
Buffer overflow in Sun Java System Web Proxy Server (aka Sun ONE Proxy Server) 3.6 SP6 allows remote attackers to execute arbitrary code via unknown vectors. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-57763-1 http://www.securityfocus.com/bid/82356 •