Sun ONE Web Server 6.1 SP1

CPE Details

Sun ONE Web Server 6.1 SP1
sun
one_web_server
6.1
2007-08-23
19h16 +00:00
2008-04-07
12h52 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:sun:one_web_server:6.1:sp1:*:*:*:*:*:*

Informations

Vendor

sun

Product

one_web_server

Version

6.1

Update

sp1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2004-2763 2009-06-01 22h00 +00:00 The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.
5.8
CVE-2005-2094 2005-06-30 02h00 +00:00 Sun SunONE web server 6.1 SP1 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes SunONE to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."
4.3
CVE-2004-0826 2004-09-02 02h00 +00:00 Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
7.5
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.