CVE-2020-9315

>= 7.0 and <= 7.0.27

PRODUCT NOT SUPPORTED WHEN ASSIGNED Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs i

7.5HIGH

CVE-2020-9314

>= 7.0 and <= 7.0.27

PRODUCT NOT SUPPORTED WHEN ASSIGNED Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via

4.8MEDIUM

CVE-2017-10055

all versions

Vulnerability in the Oracle iPlanet Web Server component of Oracle Fusion Middleware (subcomponent: Admin Graphical User Interface

6.1MEDIUM

CVE-2016-1950

all versions

Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used

8.8HIGH

CVE-2015-7182

all versions

Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.

9.8CRITICAL

CVE-2013-1620

all versions

The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a nonc

CVE-2012-1738

all versions

Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite Java System Web Server 6.1 and O

CVE-2004-2763

all versions

The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE re

CVE-2007-0183

all versions

Cross-site scripting (XSS) vulnerability in /search in iPlanet Web Server 4.x allows remote attackers to inject arbitrary web scri

CVE-2002-1655

all versions

The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remote attackers to cause a denial

CVE-2002-1654

all versions

iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Aut

CVE-2002-1316

all versions

importInfo in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows the web administrator to execute arbitrary commands v

CVE-2002-1315

all versions

Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows remote attackers to exe

CVE-2002-1042

all versions

Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6,

CVE-2002-0845

all versions

Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows remote attackers to execute arbitrary code via an HTTP request

CVE-2002-0686

all versions

Buffer overflow in the search component for iPlanet Web Server (iWS) 4.1 and Sun ONE Web Server 6.0 allows remote attackers to exe

CVE-2001-0747

all versions

Buffer overflow in iPlanet Web Server (iWS) Enterprise Edition 4.1, service packs 3 through 7, allows remote attackers to cause a

CVE-2001-0746

all versions

Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denia

CVE-2001-0606

all versions

Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denia

CVE-2001-0431

all versions

Vulnerability in iPlanet Web Server Enterprise Edition 4.x.

CVE-2001-0327

<= 4.1_enterprise

iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation po

CVE-2001-1368

all versions

Vulnerability in iPlanet Web Server 4 included in Virtualvault Operating System (VVOS) 4.0 running HP-UX 11.04 could allow attacke

CVE-2000-1077

all versions

Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers to execute arbitrary commands

CVE-2000-0182

all versions

iPlanet Web Server 4.1 allows remote attackers to cause a denial of service via a large number of GET commands, which consumes mem