VYPR

Java System Communications Express

by Sun Corporation

CVEs (6)

  • CVE-2009-1729May 21, 2009
    risk 0.03cvss epss 0.05

    Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express 6 2005Q4 (aka 6.2) and 6.3 allow remote attackers to inject arbitrary web script or HTML via (1) the abperson_displayName parameter to uwc/abs/search.xml in the Add Contact…

  • CVE-2010-4456Jan 19, 2011
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors related to Web Mail.

  • CVE-2010-0885Apr 13, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Sun Java System Communications Express component in Oracle Sun Product Suite 6 2005Q4 (6.2) and and 6.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Address Book.

  • CVE-2010-1227Apr 1, 2010
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as demonstrated by a subject containing an IMG element with a SRC attribute that…

  • CVE-2009-0877Mar 12, 2009
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express allow remote attackers to inject arbitrary web script or HTML via the (1) Full Name or (2) Subject field.

  • CVE-2005-3472Nov 3, 2005
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files.