Sun Java Asp Server vulnerabilities
4 known vulnerabilities affecting sun/java_asp_server.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-2403CRITICALCVSS 10.0≤ 4.0.2v4.0+1 more2008-06-04
CVE-2008-2403 [CRITICAL] CWE-22 CVE-2008-2403: Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Serv
Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method.
nvd
CVE-2008-2404CRITICALCVSS 10.0≤ 4.0.2v4.02008-06-04
CVE-2008-2404 [CRITICAL] CWE-119 CVE-2008-2404: Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (
Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field.
nvd
CVE-2008-2406HIGHCVSS 7.5≤ 4.0.2v4.02008-06-04
CVE-2008-2406 [HIGH] CWE-287 CVE-2008-2406: The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allo
The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102.
nvd
CVE-2008-2402MEDIUMCVSS 5.0≤ 4.0.2v4.02008-06-04
CVE-2008-2402 [MEDIUM] CWE-264 CVE-2008-2402: The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 stores sensitive informat
The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read password hashes and configuration data via direct requests for unspecified documents.
nvd