Filtered by vendor Sun
Subscriptions
Filtered by product Java System Communications Express
Subscriptions
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2010-4456 | 1 Sun | 1 Java System Communications Express | 2024-11-21 | N/A |
Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors related to Web Mail. | ||||
CVE-2010-1227 | 1 Sun | 1 Java System Communications Express | 2024-11-21 | N/A |
Cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as demonstrated by a subject containing an IMG element with a SRC attribute that performs a cross-site request forgery (CSRF) attack involving the cmd and argv parameters to cmd.msc. | ||||
CVE-2009-1729 | 1 Sun | 1 Java System Communications Express | 2024-11-21 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express 6 2005Q4 (aka 6.2) and 6.3 allow remote attackers to inject arbitrary web script or HTML via (1) the abperson_displayName parameter to uwc/abs/search.xml in the Add Contact implementation in the Personal Address Book component or (2) the temporaryCalendars parameter to uwc/base/UWCMain. | ||||
CVE-2009-0877 | 1 Sun | 1 Java System Communications Express | 2024-11-21 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express allow remote attackers to inject arbitrary web script or HTML via the (1) Full Name or (2) Subject field. | ||||
CVE-2005-3472 | 1 Sun | 1 Java System Communications Express | 2024-11-21 | N/A |
Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files. |
Page 1 of 1.