Lucene search

MitreCVE-2009-4187

HistoryDec 03, 2009 - 5:30 p.m.

CVE-2009-4187

2009-12-0317:30:02

CWE-79

mitre

web.nvd.nist.gov

cve

2009

4187

xss

vulnerabilities

sun java

portal server

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

59.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd

Node

sunjava_system_portal_serverMatch7.1

sunjava_system_portal_serverMatch7.2

AND

sunsolarisMatch9sparc

sunsolarisMatch9x86

sunsolarisMatch10sparc

sunsolarisMatch10x86

Node

sunjava_system_portal_serverMatch6.3.1

AND

sunsolarisMatch8sparc

sunsolarisMatch8x86

sunsolarisMatch9sparc

sunsolarisMatch9x86

sunsolarisMatch10sparc

sunsolarisMatch10x86

Node

sunjava_system_portal_serverMatch6.3.1linux

sunjava_system_portal_serverMatch7.1linux

sunjava_system_portal_serverMatch7.2linux

VendorProductVersionCPE
sunjava_system_portal_server7.1cpe:2.3:a:sun:java_system_portal_server:7.1:*:*:*:*:*:*:*
sunjava_system_portal_server7.2cpe:2.3:a:sun:java_system_portal_server:7.2:*:*:*:*:*:*:*
sunsolaris9cpe:2.3:o:sun:solaris:9:*:sparc:*:*:*:*:*
sunsolaris9cpe:2.3:o:sun:solaris:9:*:x86:*:*:*:*:*
sunsolaris10cpe:2.3:o:sun:solaris:10:*:sparc:*:*:*:*:*
sunsolaris10cpe:2.3:o:sun:solaris:10:*:x86:*:*:*:*:*
sunjava_system_portal_server6.3.1cpe:2.3:a:sun:java_system_portal_server:6.3.1:*:*:*:*:*:*:*
sunsolaris8cpe:2.3:o:sun:solaris:8:*:sparc:*:*:*:*:*
sunsolaris8cpe:2.3:o:sun:solaris:8:*:x86:*:*:*:*:*
sunjava_system_portal_server6.3.1cpe:2.3:a:sun:java_system_portal_server:6.3.1:*:linux:*:*:*:*:*

Vendor	Product	Version	CPE
sun	java_system_portal_server	7.1	cpe:2.3:a:sun:java_system_portal_server:7.1:::::::*
sun	java_system_portal_server	7.2	cpe:2.3:a:sun:java_system_portal_server:7.2:::::::*
sun	solaris	9	cpe:2.3:o:sun:solaris:9::sparc:::::
sun	solaris	9	cpe:2.3:o:sun:solaris:9::x86:::::
sun	solaris	10	cpe:2.3:o:sun:solaris:10::sparc:::::
sun	solaris	10	cpe:2.3:o:sun:solaris:10::x86:::::
sun	java_system_portal_server	6.3.1	cpe:2.3:a:sun:java_system_portal_server:6.3.1:::::::*
sun	solaris	8	cpe:2.3:o:sun:solaris:8::sparc:::::
sun	solaris	8	cpe:2.3:o:sun:solaris:8::x86:::::
sun	java_system_portal_server	6.3.1	cpe:2.3:a:sun:java_system_portal_server:6.3.1::linux:::::

Rows per page:

1-10 of 121

References

securitytracker.com/id?1023260

sunsolve.sun.com/search/document.do?assetkey=1-21-138686-04-1

sunsolve.sun.com/search/document.do?assetkey=1-66-269368-1

www.securityfocus.com/bid/37186

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

59.6%

JSON

Related for CVE-2009-4187