Sun Java Web Console vulnerabilities
4 known vulnerabilities affecting sun/java_web_console.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-2283MEDIUMCVSS 4.3v3.0.2v3.0.3+2 more2009-07-01
CVE-2009-2283 [MEDIUM] CWE-79 CVE-2009-2283: Multiple cross-site scripting (XSS) vulnerabilities in the help jsp scripts in Sun Java Web Console
Multiple cross-site scripting (XSS) vulnerabilities in the help jsp scripts in Sun Java Web Console 3.0.2 through 3.0.5, and Sun Java Web Console in Solaris 10, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2008-5550MEDIUMCVSS 4.3v3.0.2v3.0.3+2 more2008-12-12
CVE-2008-5550 [MEDIUM] CVE-2008-5550: Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2
Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2 through 3.0.5 and Solaris 10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the redirect_url parameter.
nvd
CVE-2008-1286HIGHCVSS 7.8v3.0.2v3.0.3+1 more2008-03-11
CVE-2008-1286 [HIGH] CVE-2008-1286: Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote attackers to
Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote attackers to bypass intended access restrictions and determine the existence of files or directories via unknown vectors.
nvd
CVE-2007-1681HIGHCVSS 7.5v2.2.2v2.2.3+2 more2007-04-19
CVE-2007-1681 [HIGH] CVE-2007-1681: Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5
Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt, related to syslog.
nvd