Vulnerabilities > SUN > Java System WEB Proxy Server

DATE CVE VULNERABILITY TITLE RISK
2009-07-27 CVE-2009-2597 Unspecified vulnerability in SUN Java System Access Manager Policy Agent 2.2
The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server 4.0 allows remote attackers to cause a denial of service (daemon crash) via a GET request.
network
low complexity
sun
7.8
7.8
2008-10-13 CVE-2008-4541 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in SUN Java System web Proxy Server
Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request.
network
low complexity
sun CWE-119
critical
 10.0
10
2008-08-14 CVE-2008-3683 Denial of Service vulnerability in Sun Java System Web Proxy Server FTP Subsystem
Unspecified vulnerability in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.5 before SP6 allows remote attackers to cause a denial of service (failure to accept connections) via unknown vectors, probably related to exhaustion of file descriptors.
network
low complexity
sun
5.0
5.0
2007-12-28 CVE-2007-6572 Cross-Site Scripting vulnerability in SUN products
Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204.
network
sun CWE-79
4.3
4.3
2007-12-28 CVE-2007-6571 Cross-Site Scripting vulnerability in SUN products
Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6611356.
network
sun CWE-79
4.3
4.3
2007-12-28 CVE-2007-6570 Cross-Site Scripting vulnerability in SUN products
Cross-site scripting (XSS) vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566309.
network
sun CWE-79
4.3
4.3
2007-12-28 CVE-2007-6569 Cross-Site Scripting vulnerability in SUN products
Cross-site scripting (XSS) vulnerability in the View Error Log functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566246.
network
sun CWE-79
4.3
4.3
2007-05-29 CVE-2007-2881 Buffer Overflow vulnerability in Sun Java Web Proxy Server
Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation.
network
low complexity
sun
critical
 10.0
10
2005-12-31 CVE-2005-4806 Denial-Of-Service vulnerability in SUN Java System web Proxy Server 3.6
Multiple unspecified vulnerabilities in Sun Java System Web Proxy Server 3.6 SP7 and earlier allow remote attackers to cause a denial of service (unresponsive service) via unknown vectors.
network
low complexity
sun
5.0
5.0
2005-05-02 CVE-2005-1232 Remote Security vulnerability in SUN Java System web Proxy Server 3.6
Buffer overflow in Sun Java System Web Proxy Server (aka Sun ONE Proxy Server) 3.6 SP6 allows remote attackers to execute arbitrary code via unknown vectors.
network
low complexity
sun
7.5
7.5