This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:sun:java_system_application_server
Detail
VendorSunFirst view 2004-12-31
ProductJava System Application ServerLast view 2012-10-16
VersionTypeApplication
Edition 
Language 
Update 

Activity : Overall

COMMON PLATFORM ENUMERATION : Repartition per Version

CPE NameAffected CVE
cpe:/a:sun:java_system_application_server:9.1_02:b04-fcs1
cpe:/a:sun:java_system_application_server:9.1_011
cpe:/a:sun:java_system_application_server:9.1_01:b09d-fcs1
cpe:/a:sun:java_system_application_server:9.12
cpe:/a:sun:java_system_application_server:9.0_0.11
Hide | Show 48 More...
CPE NameAffected CVE
cpe:/a:sun:java_system_application_server:9.0::platform_linux1
cpe:/a:sun:java_system_application_server:9.0::platform_sparc1
cpe:/a:sun:java_system_application_server:9.0::platform_windows1
cpe:/a:sun:java_system_application_server:9.0::platform_x861
cpe:/a:sun:java_system_application_server:9.0::platform2
cpe:/a:sun:java_system_application_server:8.2::enterprise_x861
cpe:/a:sun:java_system_application_server:8.2::linux1
cpe:/a:sun:java_system_application_server:8.2::platform2
cpe:/a:sun:java_system_application_server:8.2::platform_linux1
cpe:/a:sun:java_system_application_server:8.2::platform_sparc1
cpe:/a:sun:java_system_application_server:8.2::platform_windows1
cpe:/a:sun:java_system_application_server:8.22
cpe:/a:sun:java_system_application_server:8.2::platform_x861
cpe:/a:sun:java_system_application_server:8.2::enterprise2
cpe:/a:sun:java_system_application_server:8.2::sparc1
cpe:/a:sun:java_system_application_server:8.2::enterprise_linux1
cpe:/a:sun:java_system_application_server:8.2::windows1
cpe:/a:sun:java_system_application_server:8.2::enterprise_sparc1
cpe:/a:sun:java_system_application_server:8.2::x861
cpe:/a:sun:java_system_application_server:8.2::enterprise_windows1
cpe:/a:sun:java_system_application_server:8.1::sparc1
cpe:/a:sun:java_system_application_server:8.1::standard1
cpe:/a:sun:java_system_application_server:8.1::windows1
cpe:/a:sun:java_system_application_server:8.1::x861
cpe:/a:sun:java_system_application_server:8.1:ur11
cpe:/a:sun:java_system_application_server:8.1:ur1:platform4
cpe:/a:sun:java_system_application_server:8.12
cpe:/a:sun:java_system_application_server:8.1::enterprise6
cpe:/a:sun:java_system_application_server:8.1::linux1
cpe:/a:sun:java_system_application_server:8.1::platform4
cpe:/a:sun:java_system_application_server:7.12
cpe:/a:sun:java_system_application_server:7.08
cpe:/a:sun:java_system_application_server:7.0:ur45
cpe:/a:sun:java_system_application_server:7.0::enterprise3
cpe:/a:sun:java_system_application_server:7.0:ur5:platform3
cpe:/a:sun:java_system_application_server:7.0::platform6
cpe:/a:sun:java_system_application_server:7.0:ur5:standard3
cpe:/a:sun:java_system_application_server:7.0::standard6
cpe:/a:sun:java_system_application_server:7.0:ur6:platform2
cpe:/a:sun:java_system_application_server:7.0:ur1:enterprise3
cpe:/a:sun:java_system_application_server:7.0:ur6:standard2
cpe:/a:sun:java_system_application_server:7.0:ur1:standard4
cpe:/a:sun:java_system_application_server:7.0:ur2:enterprise3
cpe:/a:sun:java_system_application_server:7.0:ur2:platform2
cpe:/a:sun:java_system_application_server:7.0:ur2:standard4
cpe:/a:sun:java_system_application_server:7.0:ur3:enterprise1
cpe:/a:sun:java_system_application_server:7.0:ur3:standard1
cpe:/a:sun:java_system_application_server:6.0::platform1

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
52012-10-16CVE-2012-3155NetworkLowNone Requ...
102011-04-19CVE-2011-0807NetworkLowNone Requ...
4.32010-01-25CVE-2010-0386NetworkMediumNone Requ...
52009-01-26CVE-2009-0278NetworkLowNone Requ...
4.32008-11-28CVE-2008-5266NetworkMediumNone Requ...
Hide | Show 17 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32008-06-18CVE-2008-2751NetworkMediumNone Requ...
52008-05-09CVE-2008-2120NetworkLowNone Requ...
6.82007-10-01CVE-2007-5153NetworkMediumNone Requ...
7.52007-10-01CVE-2007-5152NetworkLowNone Requ...
52007-08-23CVE-2007-4511NetworkLowNone Requ...
4.32007-07-26CVE-2007-4025NetworkMediumNone Requ...
9.32007-07-11CVE-2007-3715NetworkMediumNone Requ...
6.82006-12-04CVE-2006-6276NetworkMediumNone Requ...
42006-07-28CVE-2006-3921NetworkLowRequires ...
2.62006-06-26CVE-2006-3225NetworkHighNone Requ...
6.82006-05-19CVE-2006-2501NetworkMediumNone Requ...
52005-12-31CVE-2005-4805NetworkLowNone Requ...
52005-12-31CVE-2005-4804NetworkLowNone Requ...
42005-12-07CVE-2005-4046NetworkHighNone Requ...
4.32005-05-02CVE-2005-0742NetworkMediumNone Requ...
52004-12-31CVE-2004-2216NetworkLowNone Requ...
7.52004-12-31CVE-2004-0826NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
25% (2)CWE-200Information Exposure
25% (2)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
12% (1)CWE-287Improper Authentication
12% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
12% (1)CWE-20Improper Input Validation
Hide | Show 1 More...
%idName
12% (1)CWE-16Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-47Buffer Overflow via Parameter Expansion

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
71948Oracle Sun GlassFish Enterprise Server / Java System Application Server Craft...
51604Sun Java System Application Server Multiple Directory Web Application Configu...
46730GlassFish Application Server resourceNode/jdbcConnectionPoolNew1.jsf Multiple...
46729GlassFish Application Server applications/lifecycleModulesNew.jsf Multiple Pa...
46728GlassFish Application Server resourceNode/jdbcResourceNew.jsf Multiple Parame...
Hide | Show 20 More...
idDescription
46727GlassFish Application Server resourceNode/jmsConnectionNew.jsf Multiple Param...
46726GlassFish Application Server resourceNode/jmsDestinationNew.jsf Multiple Para...
46725GlassFish Application Server resourceNode/externalResourceNew.jsf Multiple Pa...
46724GlassFish Application Server resourceNode/customResourceNew.jsf Multiple Para...
46074GlassFish Administration Console for Sun Java System Application Server confi...
45828Sun Application Server Admin Console ORB Listener Services Weak Cipher Persis...
44948Sun Java System Web Server / Application Server Unspecified JSP Source Disclo...
37758Sun Java System Access Manager Container Restart Authentication Bypass
37757Sun Java System Access Manager Unspecified Remote Code Execution
37250Sun Java System (SJS) Application Server on Windows Unspecified JSP Source Di...
37248Sun Java System Web / Application Server Crafted XSLT Stylesheet Arbitrary Ja...
31727Sun Java System Server Products HTTP Request Smuggling
27587Sun Java System Application/Web Server Unspecified Arbitrary File Disclosure
26792Sun Java System Application Server Unspecified XSS
25634Sun ONE/Java System Web Server Error Page XSS
21461Sun Java Reverse SSL Proxy Plug-in MITM Weakness
19950Sun Java System Application Server Unspecified JSP Source Code Disclosure
19391Sun Java System Application Server JAR File Content Disclosure
15003Sun Java System Application Server Unspecified XSS
11408Sun Java System Application Server HTTP TRACE Response XSS

Metasploit Exploits

idDescription
2011-08-04Sun/Oracle GlassFish Server Authenticated Code Execution

OpenVAS Exploits

idDescription
2012-10-25Name : Oracle GlassFish/Java System Application Server CORBA ORB Subcomponent DoS Vu...
File : nvt/secpod_oracle_glassfish_n_sjas_corba_orb_comp_dos_vuln.nasl
2011-04-22Name : Oracle GlassFish/System Application Server Security Bypass Vulnerability
File : nvt/gb_oracle_glassfish_n_sjas_sec_bypass_vuln.nasl
2010-02-08Name : Sun Java System Application Server Cross Site Tracing Vulnerability
File : nvt/gb_sun_java_app_serv_xst_vuln.nasl
2009-02-06Name : Sun Java System Application Server Information Disclosure vulnerability
File : nvt/secpod_sun_java_app_serv_info_disc_vuln.nasl
2008-09-04Name : FreeBSD Ports: nss
File : nvt/freebsd_nss.nasl
Hide | Show 1 More...
idDescription
2005-11-03Name : NSS Library SSLv2 Challenge Overflow
File : nvt/sslv2_hello_overflow.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2009-T-0009Sun Java System Application Server Information Disclosure Vulnerability
Severity : Category II - VMSKEY : V0018273
2008-B-0045Multiple Sun Java System Application Server and Web Server Vulnerabilities
Severity : Category II - VMSKEY : V0016025

Snort® IPS/IDS

DateDescription
2014-01-10SSLv2 Client_Hello Challenge Length overflow attempt
RuleID : 2656-community - Type : SERVER-WEBAPP - Revision : 21
2014-01-10SSLv2 Client_Hello Challenge Length overflow attempt
RuleID : 2656 - Type : SERVER-WEBAPP - Revision : 21
2014-01-10Oracle GlassFish Server successful authentication bypass attempt
RuleID : 20160 - Type : SERVER-WEBAPP - Revision : 8
2014-01-10Oracle GlassFish Server authentication bypass attempt
RuleID : 20159 - Type : SERVER-WEBAPP - Revision : 7
2014-01-10Oracle GlassFish Server default credentials login attempt
RuleID : 20158 - Type : SERVER-WEBAPP - Revision : 9
Hide | Show 2 More...
DateDescription
2014-01-10Oracle GlassFish Server war file upload attempt
RuleID : 20157 - Type : SERVER-ORACLE - Revision : 8
2014-01-10SSLv1 Client_Hello Challenge Length overflow attempt
RuleID : 15897 - Type : WEB-MISC - Revision : 4

Nessus® Vulnerability Scanner

idDescription
2014-09-05Name : The remote host has a web server installed that is affected by a vulnerabilit...
File : glassfish_cve-2012-3155.nasl - Type : ACT_GATHER_INFO
2014-09-05Name : The remote host has an application server installed that is affected by a vul...
File : sun_java_app_server_cve-2012-3155.nasl - Type : ACT_GATHER_INFO
2013-07-18Name : The remote host has an application server installed that is affected by an in...
File : sun_java_app_server_info_disclosure.nasl - Type : ACT_GATHER_INFO
2011-08-17Name : The remote web server has an authentication bypass vulnerability that may per...
File : glassfish_get_auth_bypass.nasl - Type : ACT_ATTACK
2009-04-23Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_207f8ff3f69711d881b0000347a4fa7d.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2007-10-18Name : The remote host is missing Sun Security Patch number 124672-20
File : solaris8_124672.nasl - Type : ACT_GATHER_INFO
2007-10-17Name : The remote host is missing Sun Security Patch number 124672-20
File : solaris10_124672.nasl - Type : ACT_GATHER_INFO
2007-10-17Name : The remote host is missing Sun Security Patch number 124673-20
File : solaris10_x86_124673.nasl - Type : ACT_GATHER_INFO
2007-10-17Name : The remote host is missing Sun Security Patch number 124673-20
File : solaris9_x86_124673.nasl - Type : ACT_GATHER_INFO
2007-10-17Name : The remote host is missing Sun Security Patch number 124672-20
File : solaris9_124672.nasl - Type : ACT_GATHER_INFO
2007-10-12Name : The remote host is missing Sun Security Patch number 125437-22
File : solaris10_125437.nasl - Type : ACT_GATHER_INFO
2007-10-12Name : The remote host is missing Sun Security Patch number 125438-22
File : solaris10_x86_125438.nasl - Type : ACT_GATHER_INFO
2007-10-12Name : The remote host is missing Sun Security Patch number 125437-22
File : solaris8_125437.nasl - Type : ACT_GATHER_INFO
2007-10-12Name : The remote host is missing Sun Security Patch number 125438-22
File : solaris9_x86_125438.nasl - Type : ACT_GATHER_INFO
2007-10-12Name : The remote host is missing Sun Security Patch number 125437-22
File : solaris9_125437.nasl - Type : ACT_GATHER_INFO
2006-11-06Name : The remote host is missing Sun Security Patch number 119166-43
File : solaris8_119166.nasl - Type : ACT_GATHER_INFO
2006-11-06Name : The remote host is missing Sun Security Patch number 116648-25
File : solaris9_116648.nasl - Type : ACT_GATHER_INFO
2006-11-06Name : The remote host is missing Sun Security Patch number 119167-43
File : solaris9_x86_119167.nasl - Type : ACT_GATHER_INFO
2006-11-06Name : The remote host is missing Sun Security Patch number 116648-25
File : solaris10_116648.nasl - Type : ACT_GATHER_INFO
2006-11-06Name : The remote host is missing Sun Security Patch number 119166-43
File : solaris9_119166.nasl - Type : ACT_GATHER_INFO
2006-11-06Name : The remote host is missing Sun Security Patch number 119166-43
File : solaris10_119166.nasl - Type : ACT_GATHER_INFO
2006-11-06Name : The remote host is missing Sun Security Patch number 119167-43
File : solaris10_x86_119167.nasl - Type : ACT_GATHER_INFO
2006-11-06Name : The remote host is missing Sun Security Patch number 116648-25
File : solaris8_116648.nasl - Type : ACT_GATHER_INFO
2004-08-24Name : The remote service is susceptible to a buffer overflow attack.
File : sslv2_hello_overflow.nasl - Type : ACT_MIXED_ATTACK
2003-01-23Name : Debugging functions are enabled on the remote web server.
File : xst_http_trace.nasl - Type : ACT_GATHER_INFO