Sun Java System Application Server 7.0

CPE Details

Sun Java System Application Server 7.0
sun
java_system_application_server
7.0
2007-08-23
19h16 +00:00
2007-09-14
15h36 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:sun:java_system_application_server:7.0:*:*:*:*:*:*:*

Informations

Vendor

sun

Product

java_system_application_server

Version

7.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2010-0386 2010-01-25 19h00 +00:00 The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing (XST) attack, a related issue to CVE-2004-2763 and CVE-2005-3398.
4.3
CVE-2008-2120 2008-05-09 13h00 +00:00 Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain source code of JSP files via unknown vectors.
5
CVE-2006-6276 2006-12-04 10h00 +00:00 HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used with Sun Java System Application Server or Sun Java System Web Server, allows remote attackers to bypass HTTP request filtering, hijack web sessions, perform cross-site scripting (XSS), and poison web caches via unspecified attack vectors.
6.8
CVE-2006-3921 2006-07-28 21h00 +00:00 Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI.
4
CVE-2005-4805 2006-05-25 10h00 +00:00 Unspecified vulnerability in Sun Java System Application Server 7 Standard and Platform Edition 6 and earlier, and 2004Q2 Standard and Platform Edition Update 2 and earlier, allows remote attackers to obtain the source code for Java Server pages (JSP) via unknown vectors.
5
CVE-2005-4046 2005-12-07 10h00 +00:00 Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java System Application Server Standard Edition 7 2004Q2, Application Server Enterprise Edition 8.1 2005Q1, and Sun ONE Application Server 7 Standard Edition, as used in multiple web servers, allows remote attackers to conduct man-in-the-middle (MITM) attacks and "compromise data privacy."
4
CVE-2004-2216 2005-07-17 02h00 +00:00 Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate.
5
CVE-2005-0742 2005-03-13 04h00 +00:00 Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
4.3