Vulnerabilities > SUN > Java System WEB Proxy Server > 4.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-07-27 | CVE-2009-2597 | Unspecified vulnerability in SUN Java System Access Manager Policy Agent 2.2 The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server 4.0 allows remote attackers to cause a denial of service (daemon crash) via a GET request. | 7.8 |
2008-10-13 | CVE-2008-4541 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in SUN Java System web Proxy Server Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request. | 10.0 |
2007-12-28 | CVE-2007-6572 | Cross-Site Scripting vulnerability in SUN products Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204. | 4.3 |
2007-12-28 | CVE-2007-6571 | Cross-Site Scripting vulnerability in SUN products Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6611356. | 4.3 |
2007-12-28 | CVE-2007-6570 | Cross-Site Scripting vulnerability in SUN products Cross-site scripting (XSS) vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566309. | 4.3 |
2007-05-29 | CVE-2007-2881 | Buffer Overflow vulnerability in Sun Java Web Proxy Server Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation. | 10.0 |