Filtered by vendor Sun Subscriptions
Filtered by product Java System Communications Express Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2010-4456 1 Sun 1 Java System Communications Express 2024-11-21 N/A
Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors related to Web Mail.
CVE-2010-1227 1 Sun 1 Java System Communications Express 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as demonstrated by a subject containing an IMG element with a SRC attribute that performs a cross-site request forgery (CSRF) attack involving the cmd and argv parameters to cmd.msc.
CVE-2009-1729 1 Sun 1 Java System Communications Express 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express 6 2005Q4 (aka 6.2) and 6.3 allow remote attackers to inject arbitrary web script or HTML via (1) the abperson_displayName parameter to uwc/abs/search.xml in the Add Contact implementation in the Personal Address Book component or (2) the temporaryCalendars parameter to uwc/base/UWCMain.
CVE-2009-0877 1 Sun 1 Java System Communications Express 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express allow remote attackers to inject arbitrary web script or HTML via the (1) Full Name or (2) Subject field.
CVE-2005-3472 1 Sun 1 Java System Communications Express 2024-11-21 N/A
Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files.