CVSS: 1.0EPSS: 0%CPEs: 2EXPL: 0CVE-2010-4431
https://notcve.org/view.php?id=CVE-2010-4431
Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to affect confidentiality via unknown vectors related to Proxy. Vulnerabilidad sin especificar en Oracle Sun Java System Portal Server 7.1 y 7.2 permite a usuarios locales afectar a la confidencialidad a través de vectores desconocidos relacionados con el Proxy. • http://osvdb.org/70565 http://secunia.com/advisories/42991 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45898 http://www.vupen.com/english/advisories/2011/0158 https://exchange.xforce.ibmcloud.com/vulnerabilities/64816 •
CVSS: 6.8EPSS: 1%CPEs: 4EXPL: 0CVE-2010-4444
https://notcve.org/view.php?id=CVE-2010-4444
Unspecified vulnerability in Oracle Sun Java System Access Manager and Oracle OpenSSO 7, 7.1, and 8 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en Oracle Sun Java System Access Manager y Oracle OpenSSO v7, v7.1 y v8 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://osvdb.org/70579 http://osvdb.org/70580 http://secunia.com/advisories/42986 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45884 http://www.vupen.com/english/advisories/2011/0153 https://exchange.xforce.ibmcloud.com/vulnerabilities/64811 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2010-4456
https://notcve.org/view.php?id=CVE-2010-4456
Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors related to Web Mail. Vulnerabilidad no especificada en Oracle Sun Java System Communications Express v6.2 y v6.3 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con la Web de correo. • http://osvdb.org/70586 http://secunia.com/advisories/42990 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45896 http://www.vupen.com/english/advisories/2011/0157 https://exchange.xforce.ibmcloud.com/vulnerabilities/64815 •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2010-0887 – Java: Java Web Start arbitrary command line injection
https://notcve.org/view.php?id=CVE-2010-0887
Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business JDK and JRE 6 Update 18 and 19 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad sin especificar en el componente New Java Plug-in en Oracle Java SE y Java para Business JDK y JRE 6 Update 18 y 19, permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://lists.apple.com/archives/security-announce/2010//May/msg00001.html http://lists.apple.com/archives/security-announce/2010//May/msg00002.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://secunia.com/advisories/39819 http://support.apple.com/kb/HT4170 http://support.apple.com/kb/HT4171 http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html http://www.vupen.com/english/advisories/2010/1191 https://access.redhat.com/security/cv •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2010-1227
https://notcve.org/view.php?id=CVE-2010-1227
Cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as demonstrated by a subject containing an IMG element with a SRC attribute that performs a cross-site request forgery (CSRF) attack involving the cmd and argv parameters to cmd.msc. Una vulnerabilidad de tipo cross-site scripting (XSS) en Sun Java System Communications Express versiones 6.2 y 6.3, permite a los atacantes remotos inyectar script web o HTML arbitrario por medio del campo asunto de un mensaje, como es demostrado por un asunto que contiene un elemento IMG con un atributo SRC que realiza un ataque de tipo cross-site request forgery (CSRF) que involucra los parámetros cmd y argv en el archivo cmd.msc. • http://secunia.com/advisories/42990 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/archive/1/510154/100/0/threaded http://www.vupen.com/english/advisories/2011/0157 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •