This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:sun:java_system_application_server |
| Detail | |||
|---|---|---|---|
| Vendor | Sun | First view | 2004-12-31 |
| Product | Java System Application Server | Last view | 2012-10-16 |
| Version | Type | Application | |
| Edition | |||
| Language | |||
| Update | |||
Activity : Yearly
COMMON PLATFORM ENUMERATION : Repartition per Version
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 5 | 2012-10-16 | CVE-2012-3155 | Network | Low | None Requ... | |
| 10 | 2011-04-19 | CVE-2011-0807 | Network | Low | None Requ... | |
| 4.3 | 2010-01-25 | CVE-2010-0386 | Network | Medium | None Requ... | |
| 5 | 2009-01-26 | CVE-2009-0278 | Network | Low | None Requ... | |
| 4.3 | 2008-11-28 | CVE-2008-5266 | Network | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 4.3 | 2008-06-18 | CVE-2008-2751 | Network | Medium | None Requ... | |
| 5 | 2008-05-09 | CVE-2008-2120 | Network | Low | None Requ... | |
| 6.8 | 2007-10-01 | CVE-2007-5153 | Network | Medium | None Requ... | |
| 7.5 | 2007-10-01 | CVE-2007-5152 | Network | Low | None Requ... | |
| 5 | 2007-08-23 | CVE-2007-4511 | Network | Low | None Requ... | |
| 4.3 | 2007-07-26 | CVE-2007-4025 | Network | Medium | None Requ... | |
| 9.3 | 2007-07-11 | CVE-2007-3715 | Network | Medium | None Requ... | |
| 6.8 | 2006-12-04 | CVE-2006-6276 | Network | Medium | None Requ... | |
| 4 | 2006-07-28 | CVE-2006-3921 | Network | Low | Requires ... | |
| 2.6 | 2006-06-26 | CVE-2006-3225 | Network | High | None Requ... | |
| 6.8 | 2006-05-19 | CVE-2006-2501 | Network | Medium | None Requ... | |
| 5 | 2005-12-31 | CVE-2005-4805 | Network | Low | None Requ... | |
| 5 | 2005-12-31 | CVE-2005-4804 | Network | Low | None Requ... | |
| 4 | 2005-12-07 | CVE-2005-4046 | Network | High | None Requ... | |
| 4.3 | 2005-05-02 | CVE-2005-0742 | Network | Medium | None Requ... | |
| 5 | 2004-12-31 | CVE-2004-2216 | Network | Low | None Requ... | |
| 7.5 | 2004-12-31 | CVE-2004-0826 | Network | Low | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 25% (2) | CWE-200 | Information Exposure |
| 25% (2) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 12% (1) | CWE-287 | Improper Authentication |
| 12% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 12% (1) | CWE-20 | Improper Input Validation |
| % | id | Name |
|---|---|---|
| 12% (1) | CWE-16 | Configuration |
CAPEC : Common Attack Pattern Enumeration & Classificatio
| id | Name |
|---|---|
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
Open Source Vulnerability Database (OSVDB)
This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 71948 | Oracle Sun GlassFish Enterprise Server / Java System Application Server Craft... |
| 51604 | Sun Java System Application Server Multiple Directory Web Application Configu... |
| 46730 | GlassFish Application Server resourceNode/jdbcConnectionPoolNew1.jsf Multiple... |
| 46729 | GlassFish Application Server applications/lifecycleModulesNew.jsf Multiple Pa... |
| 46728 | GlassFish Application Server resourceNode/jdbcResourceNew.jsf Multiple Parame... |
| id | Description |
|---|---|
| 46727 | GlassFish Application Server resourceNode/jmsConnectionNew.jsf Multiple Param... |
| 46726 | GlassFish Application Server resourceNode/jmsDestinationNew.jsf Multiple Para... |
| 46725 | GlassFish Application Server resourceNode/externalResourceNew.jsf Multiple Pa... |
| 46724 | GlassFish Application Server resourceNode/customResourceNew.jsf Multiple Para... |
| 46074 | GlassFish Administration Console for Sun Java System Application Server confi... |
| 45828 | Sun Application Server Admin Console ORB Listener Services Weak Cipher Persis... |
| 44948 | Sun Java System Web Server / Application Server Unspecified JSP Source Disclo... |
| 37758 | Sun Java System Access Manager Container Restart Authentication Bypass |
| 37757 | Sun Java System Access Manager Unspecified Remote Code Execution |
| 37250 | Sun Java System (SJS) Application Server on Windows Unspecified JSP Source Di... |
| 37248 | Sun Java System Web / Application Server Crafted XSLT Stylesheet Arbitrary Ja... |
| 31727 | Sun Java System Server Products HTTP Request Smuggling |
| 27587 | Sun Java System Application/Web Server Unspecified Arbitrary File Disclosure |
| 26792 | Sun Java System Application Server Unspecified XSS |
| 25634 | Sun ONE/Java System Web Server Error Page XSS |
| 21461 | Sun Java Reverse SSL Proxy Plug-in MITM Weakness |
| 19950 | Sun Java System Application Server Unspecified JSP Source Code Disclosure |
| 19391 | Sun Java System Application Server JAR File Content Disclosure |
| 15003 | Sun Java System Application Server Unspecified XSS |
| 11408 | Sun Java System Application Server HTTP TRACE Response XSS |
Metasploit Exploits
| id | Description |
|---|---|
| 2011-08-04 | Sun/Oracle GlassFish Server Authenticated Code Execution |
