Java System Communications Express
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-1729 | 0.03 | — | 0.05 | May 21, 2009 | Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express 6 2005Q4 (aka 6.2) and 6.3 allow remote attackers to inject arbitrary web script or HTML via (1) the abperson_displayName parameter to uwc/abs/search.xml in the Add Contact… | |||
| CVE-2010-4456 | 0.00 | — | 0.02 | Jan 19, 2011 | Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors related to Web Mail. | |||
| CVE-2010-0885 | 0.00 | — | 0.02 | Apr 13, 2010 | Unspecified vulnerability in the Sun Java System Communications Express component in Oracle Sun Product Suite 6 2005Q4 (6.2) and and 6.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Address Book. | |||
| CVE-2010-1227 | 0.00 | — | 0.02 | Apr 1, 2010 | Cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as demonstrated by a subject containing an IMG element with a SRC attribute that… | |||
| CVE-2009-0877 | 0.00 | — | 0.02 | Mar 12, 2009 | Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express allow remote attackers to inject arbitrary web script or HTML via the (1) Full Name or (2) Subject field. | |||
| CVE-2005-3472 | 0.00 | — | 0.02 | Nov 3, 2005 | Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files. |
- CVE-2009-1729May 21, 2009risk 0.03cvss —epss 0.05
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express 6 2005Q4 (aka 6.2) and 6.3 allow remote attackers to inject arbitrary web script or HTML via (1) the abperson_displayName parameter to uwc/abs/search.xml in the Add Contact…
- CVE-2010-4456Jan 19, 2011risk 0.00cvss —epss 0.02
Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors related to Web Mail.
- CVE-2010-0885Apr 13, 2010risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Sun Java System Communications Express component in Oracle Sun Product Suite 6 2005Q4 (6.2) and and 6.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Address Book.
- CVE-2010-1227Apr 1, 2010risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as demonstrated by a subject containing an IMG element with a SRC attribute that…
- CVE-2009-0877Mar 12, 2009risk 0.00cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express allow remote attackers to inject arbitrary web script or HTML via the (1) Full Name or (2) Subject field.
- CVE-2005-3472Nov 3, 2005risk 0.00cvss —epss 0.02
Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files.