| Max CVSS | 7.2 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2003-0411 | 5.0 |
Sun ONE Application Server 7.0 for Windows 2000/XP allows remote attackers to obtain JSP source code via a request that uses the uppercase ".JSP" extension instead of the lowercase .jsp extension.
|
02-02-2024 - 02:18 | 30-06-2003 - 04:00 | |
| CVE-2003-0414 | 7.2 |
The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile.
|
18-10-2016 - 02:33 | 30-06-2003 - 04:00 | |
| CVE-2003-0413 | 6.8 |
Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Application Server 7.0 for Windows 2000/XP or (2) Sun Java System Web Server 6.1 allows remote attackers to insert arbitrary web script or HTML via an H
|
18-10-2016 - 02:33 | 30-06-2003 - 04:00 | |
| CVE-2003-0412 | 5.0 |
Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious activities.
|
18-10-2016 - 02:33 | 30-06-2003 - 04:00 |