EUVD-2010-4425

Malware in sbrugna...

EUVD-2010-0910

Malware in sbrugna...

Sun Java System Communications Express 6.3 'UWCMain' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34155/info Sun Java System Communications Express is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. This issue is tracked by Sun Alert ID 258068. An attacker ma...

Sun Java System Communications Express 6.3 'search.xml' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34154/info Sun Java System Communications Express is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary...

CVE-2010-4456

Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors related to Web Mail...

Design/Logic Flaw

Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors related to Web Mail...

CVE-2010-4456

CVE-2010-4456 affects Oracle Sun Java System Communications Express 6.2 and 6.3. The vulnerability allows remote attackers to affect integrity via unknown vectors related to Web Mail. The description does not specify concrete exploit details, affected versions beyond 6.2/6.3, or a remediation. No...

CVE-2010-4456

Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors related to Web Mail...

Code injection

Unspecified vulnerability in the Sun Java System Communications Express component in Oracle Sun Product Suite 6 2005Q4 6.2 and and 6.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Address Book...

CVE-2010-0885

Unspecified vulnerability in the Sun Java System Communications Express component in Oracle Sun Product Suite 6 2005Q4 6.2 and and 6.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Address Book...

Design/Logic Flaw

Cross-site scripting XSS vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as demonstrated by a subject containing an IMG element with a SRC attribute that performs a cross-site...

CVE-2010-1227

Cross-site scripting XSS vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as demonstrated by a subject containing an IMG element with a SRC attribute that performs a cross-site...

CVE-2010-1227

CVE-2010-1227 describes a cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 that allows remote attackers to inject arbitrary Web script or HTML via the subject field of a message, demonstrated by a subject containing an IMG element whose SRC attribute ...

Sun Java System Communications Express Multiple HTML Injection Vuln

Exploit for unknown platform in category web applications ============================================================================== Sun Java System Communications Express Multiple HTML Injection Vulnerabilities ============================================================================== As...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Sun Java System Communications Express 6 2005Q4 aka 6.2 and 6.3 allow remote attackers to inject arbitrary web script or HTML via 1 the abpersondisplayName parameter to uwc/abs/search.xml in the Add Contact implementation in the Personal Addres...

CVE-2009-1729

Multiple cross-site scripting XSS vulnerabilities in Sun Java System Communications Express 6 2005Q4 aka 6.2 and 6.3 allow remote attackers to inject arbitrary web script or HTML via 1 the abpersondisplayName parameter to uwc/abs/search.xml in the Add Contact implementation in the Personal Addres...

CVE-2009-1729

CVE-2009-1729 corresponds to multiple XSS flaws in Sun Java System Communications Express 6.2 (2005Q4) and 6.3. The vulnerabilities are in the Personal Address Book Add Contact path (uwc/abs/search.xml) via abperson_displayName and in UWCMain (uwc/base/UWCMain) via temporaryCalendars. Impact is c...

CVE-2009-1729

Multiple cross-site scripting XSS vulnerabilities in Sun Java System Communications Express 6 2005Q4 aka 6.2 and 6.3 allow remote attackers to inject arbitrary web script or HTML via 1 the abpersondisplayName parameter to uwc/abs/search.xml in the Add Contact implementation in the Personal Addres...

CORE-2009-0109 - Multiple XSS in Sun Communications Express

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Multiple XSS in Sun Communications Express 1. Advisory Information Title: Multiple XSS in Sun Communications Express Advisory ID: CORE-2009-0109 Advisory URL:...

Core Security Technologies Advisory 2009.0109

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Multiple XSS in Sun Communications Express 1. Advisory Information Title: Multiple XSS in Sun Communications Express Advisory ID: CORE-2009-0109 Advisory URL:...