Search

Find a vulnerability

Search criteria

    1 vulnerability found for Sun ONE Application Server by Sun Microsystems, Inc.

    JVNDB-2006-000293

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00
    Severity
    N/A (UNKNOWN) - -
    Summary
    Sun Java System Web Server cross-site scripting vulnerability
    Details
    Sun Java System Web Server (originally called Sun ONE Web Server) contains a cross-site scripting vulnerability. A vulnerable web server does not adequately validate the HTTP REFERER header before using the contents in the default error page.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000293.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "Sun Java System Web Server (originally called Sun ONE Web Server) contains a cross-site scripting vulnerability. A vulnerable web server does not adequately validate the HTTP REFERER header before using the contents in the default error page.",
      "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000293.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:sun:java_system_application_server",
          "@product": "Sun Java System Application Server",
          "@vendor": "Sun Microsystems, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:sun:java_system_web_server",
          "@product": "Sun Java System Web Server",
          "@vendor": "Sun Microsystems, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:sun:one_application_server",
          "@product": "Sun ONE Application Server",
          "@vendor": "Sun Microsystems, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "4.3",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2006-000293",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN03D5EAA8/index.html",
          "@id": "JVN#03D5EAA8",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2501",
          "@id": "CVE-2006-2501",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2501",
          "@id": "CVE-2006-2501",
          "@source": "NVD"
        },
        {
          "#text": "http://www.kb.cert.org/vuls/id/114956",
          "@id": "VU#114956",
          "@source": "CERT-VN"
        },
        {
          "#text": "http://www.securityfocus.com/bid/18035",
          "@id": "18035",
          "@source": "BID"
        }
      ],
      "title": "Sun Java System Web Server cross-site scripting vulnerability"
    }