NotCVE - vendor:"Sun" product:"Java System Portal Server" version:"7.1"

5 results (0.017 seconds)

CVSS: 1.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2010-4431

https://notcve.org/view.php?id=CVE-2010-4431

Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to affect confidentiality via unknown vectors related to Proxy. Vulnerabilidad sin especificar en Oracle Sun Java System Portal Server 7.1 y 7.2 permite a usuarios locales afectar a la confidencialidad a través de vectores desconocidos relacionados con el Proxy. • http://osvdb.org/70565 http://secunia.com/advisories/42991 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45898 http://www.vupen.com/english/advisories/2011/0158 https://exchange.xforce.ibmcloud.com/vulnerabilities/64816 •

CVSS: 4.3EPSS: 0%CPEs: 16EXPL: 0

CVE-2009-4187

https://notcve.org/view.php?id=CVE-2009-4187

Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de ejecución de comandos en sitios cruzados(XSS) en el componente Gateway en Sun Java System Portal Server v6.3.1, v7.1, y v7.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML de forma arbitraria. • http://securitytracker.com/id?1023260 http://sunsolve.sun.com/search/document.do?assetkey=1-21-138686-04-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-269368-1 http://www.securityfocus.com/bid/37186 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0

CVE-2009-1796

https://notcve.org/view.php?id=CVE-2009-1796

Cross-site scripting (XSS) vulnerability in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to an error page. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Sun Java System Portal Server v6.3.1, v7.1, y v7.2, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores relacionados con una pagina de error. • http://osvdb.org/54705 http://secunia.com/advisories/35221 http://sunsolve.sun.com/search/document.do?assetkey=1-21-118950-38-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-256588-1 http://www.securityfocus.com/bid/35082 http://www.securitytracker.com/id?1022273 http://www.vupen.com/english/advisories/2009/1411 https://exchange.xforce.ibmcloud.com/vulnerabilities/50704 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2008-6192

https://notcve.org/view.php?id=CVE-2008-6192

Multiple cross-site scripting (XSS) vulnerabilities in unspecified Portlets in Sun Java System Portal Server 7.0 and 7.1 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en Portlets no especificados en Sun Java System Portal Server 7.0 y 7.1 que permite a los atacantes remotos inyectar arbitrariamente secuencias de comandos web o HTML a través de vectores desconocidos. • http://secunia.com/advisories/31538 http://sunsolve.sun.com/search/document.do?assetkey=1-26-239308-1 http://www.securityfocus.com/bid/30738 http://www.securitytracker.com/id?1020706 http://www.vupen.com/english/advisories/2008/2404 https://exchange.xforce.ibmcloud.com/vulnerabilities/44531 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2008-5549

https://notcve.org/view.php?id=CVE-2008-5549

Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2 allows remote attackers to access local files and read the product's configuration information via unknown vectors related to "access to secure files by ThemeServlet." Vulnerabilidad sin especificar en los componentes de Sun Java Web Console en Sun Java System Portal Server v7.1 y v7.2 permite a atacantes remotos acceder a ficheros locales y leer la información de configuración del producto mediante vectores desconocidos, relacionado a "acceso a ficheros seguros por ThemeServlet". • http://secunia.com/advisories/33120 http://securitytracker.com/id?1021380 http://sunsolve.sun.com/search/document.do?assetkey=1-21-124301-12-1 http://sunsolve.sun.com/search/document.do?assetkey=1-21-138686-01-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-243886-1 http://www.securityfocus.com/bid/32770 http://www.vupen.com/english/advisories/2008/3408 https://exchange.xforce.ibmcloud.com/vulnerabilities/47256 • CWE-264: Permissions, Privileges, and Access Controls •