CVE-2007-5152
- EPSS 1.81%
- Veröffentlicht 01.10.2007 05:17:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks.
CVE-2007-5153
- EPSS 3.81%
- Veröffentlicht 01.10.2007 05:17:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Unspecified vulnerability in Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 8.x container, allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-3700
- EPSS 0.06%
- Veröffentlicht 11.07.2007 23:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Sun Java System Access Manager (formerly Java System Identity Server) before 20070710, when the message debug level is configured in the com.iplanet.services.debug.level property in AMConfig.properties, logs cleartext login passwords, which allows lo...
CVE-2007-0628
- EPSS 0.77%
- Veröffentlicht 31.01.2007 18:28:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 2005Q1 (6.3), and 7 2005Q4 (7.0) before 20070129 allow remote attackers to inject arbitrary web script or HTML via the (1) goto or (2) gx-charset parame...
CVE-2006-0531
- EPSS 0.08%
- Veröffentlicht 04.02.2006 00:06:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool.