CVE-2010-1227

CVE-2010-1227 describes a cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 that allows remote attackers to inject arbitrary Web script or HTML via the subject field of a message, demonstrated by a subject containing an IMG element whose SRC attribute ...

CVE-2005-3472

CVE-2005-3472 concerns Sun Java System Communications Express (2005Q1 and 2004Q2). The connected materials confirm the vulnerability allows local and remote attackers to read sensitive information from configuration files (impact: partial confidentiality). The documents do not provide specific ro...

CVE-2009-1729

CVE-2009-1729 corresponds to multiple XSS flaws in Sun Java System Communications Express 6.2 (2005Q4) and 6.3. The vulnerabilities are in the Personal Address Book Add Contact path (uwc/abs/search.xml) via abperson_displayName and in UWCMain (uwc/base/UWCMain) via temporaryCalendars. Impact is c...

CVE-2010-4456

CVE-2010-4456 affects Oracle Sun Java System Communications Express 6.2 and 6.3. The vulnerability allows remote attackers to affect integrity via unknown vectors related to Web Mail. The description does not specify concrete exploit details, affected versions beyond 6.2/6.3, or a remediation. No...

CVE-2009-0877

The CVE-2009-0877 entry describes multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express. The affected component is the web interface of Sun Java System Communications Express, where attackers can inject arbitrary web script or HTML via the Full Name or Subj...