Java Asp Server

java_asp_server

Vendor: Sun • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2008-2406 1Sun 1Java Asp Server Apr 23, 2026 Jun 4, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102.
CVE-2008-2404 1Sun 1Java Asp Server Apr 23, 2026 Jun 4, 2008 N/A· v4 N/A· v3 10.0 HIGH· v2 Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field.
CVE-2008-2403 1Sun 1Java Asp Server Apr 23, 2026 Jun 4, 2008 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the Pa...Show more Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method.Show less
CVE-2008-2402 1Sun 1Java Asp Server Apr 23, 2026 Jun 4, 2008 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read password hashes and confi...Show more The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read password hashes and configuration data via direct requests for unspecified documents.Show less