Sun Java System Application Server 7.0
Approved changes feed: RSS · Atom
cpe:2.3:a:sun:java_system_application_server:7.0:*:*:*:*:*:*:*
part: a version: 7.0 update: *
| Vendor | Sun (f793a52f-9733-5503-ba70-29fa391cdd2b) |
|---|---|
| Product | Java System Application Server (95e10da0-09e7-5be1-b791-1345593279ce) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2010-0386 |
vulnerable | 2026-06-03 14:30:08.632804 |
Details available
The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing (XST) attack, a related issue to CVE-2004-2763 and CVE-2005-3398.
Published: 2010-01-25T19:00:00.000Z
Updated: 2026-05-28T18:25:02.837Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-6276 |
vulnerable | 2026-06-03 14:27:48.019095 |
Details available
HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used with Sun Java System Application Server or Sun Java System Web Server, allows remote attackers to bypass HTTP request filtering, hijack web sessions, perform cross-site scripting (XSS), and poison web caches via unspecified attack vectors.
Published: 2006-12-04T11:00:00.000Z
Updated: 2024-08-07T20:19:35.091Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-3921 |
vulnerable | 2026-06-03 14:27:36.279290 |
Details available
Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI.
Published: 2006-07-28T23:00:00.000Z
Updated: 2024-08-07T18:48:39.274Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-4805 |
vulnerable | 2026-06-03 14:27:14.387964 |
Details available
Unspecified vulnerability in Sun Java System Application Server 7 Standard and Platform Edition 6 and earlier, and 2004Q2 Standard and Platform Edition Update 2 and earlier, allows remote attackers to obtain the source code for Java Server pages (JSP) via unknown vectors.
Published: 2006-05-25T10:00:00.000Z
Updated: 2024-09-17T02:52:20.046Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-4046 |
vulnerable | 2026-06-03 14:27:12.112827 |
Details available
Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java System Application Server Standard Edition 7 2004Q2, Application Server Enterprise Edition 8.1 2005Q1, and Sun ONE Application Server 7 Standard Edition, as used in multiple web servers, allows remote attackers to conduct man-in-the-middle (MITM) attacks and "compromise data privacy."
Published: 2005-12-07T11:00:00.000Z
Updated: 2024-08-07T23:31:48.948Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-0742 |
vulnerable | 2026-06-03 14:26:51.417055 |
Details available
Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Published: 2005-03-13T05:00:00.000Z
Updated: 2024-08-07T21:21:06.621Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-2216 |
vulnerable | 2026-06-03 14:26:46.758148 |
Details available
Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate.
Published: 2005-07-17T04:00:00.000Z
Updated: 2024-08-08T01:22:12.837Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.