This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Sun | First view | 2009-06-01 |
| Product | Iplanet Web Server | Last view | 2009-06-01 |
| Version | 4.1 | Type | Application |
| Update | sp11 | ||
| Edition | enterprise | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:sun:iplanet_web_server | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.8 | 2009-06-01 | CVE-2004-2763 | The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-16 | Configuration |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 11408 | Sun Java System Application Server HTTP TRACE Response XSS |
