CVE-2008-5549

CVE-2008-5549 affects the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2. The connected Nessus/NASL data identify affected patches for Solaris 10 (SPARC/x86) — e.g., 124301-16, 124302-16, 138686-07 — as maintenance updates addressing this vulnerability. The issue ena...

CVE-2008-6192

CVE-2008-6192 describes multiple XSS vulnerabilities in unspecified Portlets of Sun Java System Portal Server 7.0 and 7.1. The initial description notes remote injection of arbitrary scripts via unknown vectors, without concrete exploit details. Connected documents include Solaris patch reference...

CVE-2007-4289

The connected records indicate CVE-2007-4289 is related to improper handling of XSLT stylesheets in XML signatures, affecting Sun Java System Access Manager 6.3–7.1 and Sun Java System Identity Server 6.1–6.2, where crafted XSLT transforms could allow context-dependent attackers to execute arbitr...

CVE-2009-4187

CVE-2009-4187 affects Sun Java System Portal Server Gateway component across versions 6.3.1, 7.1, and 7.2, with multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary script/HTML via unspecified vectors. Public assessments in OpenVAS/NVD indicate basic...

CVE-2010-4431

CVE-2010-4431 affects Oracle Sun Java System Portal Server 7.1 Update 2 on Solaris (SPARC/X86). The vulnerability is described as an unspecified local-confidentiality issue related to the Portal’s proxy handling. Nessus/NVD references suggest patches are available: Solaris patch 124301-16 (SPARC)...

CVE-2009-1796

CVE-2009-1796 : The connected sources indicate a cross‑site scripting (XSS) vulnerability in Sun Java System Portal Server versions 6.3.1, 7.1, and 7.2. The issue is triggered by vectors related to an error page, allowing remote attackers to inject arbitrary web script or HTML. The sources do not...