CVE-2004-2765
 
Severity Score
4.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cross-site scripting (XSS) vulnerability in Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, a different vulnerability than CVE-2005-2022 and CVE-2006-5486.
Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Webmail en Sun ONE Messaging Server v6.1 e iPlanet Messaging Server v5.2 anterior a 5.2hf2.02, cuando se usa Internet Explorer, permite a atacantes inyectar secuencias de comandos web o HTML de su elección a través de un correo electrónico manipulado. Vulnerabilidad distinta de CVE-2005-2022 y CVE-2006-5486.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-01-28 CVE Reserved
- 2010-01-28 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (2)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://sunsolve.sun.com/search/document.do?assetkey=1-21-116568-56-1 | 2010-01-31 | |
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201601-1 | 2010-01-31 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Sun Search vendor "Sun" | Iplanet Messaging Server Search vendor "Sun" for product "Iplanet Messaging Server" | 5.2 Search vendor "Sun" for product "Iplanet Messaging Server" and version "5.2" | - |
Affected
| in | Sun Search vendor "Sun" | Solaris Search vendor "Sun" for product "Solaris" | 2.6 Search vendor "Sun" for product "Solaris" and version "2.6" | sparc |
Safe
|
Sun Search vendor "Sun" | Iplanet Messaging Server Search vendor "Sun" for product "Iplanet Messaging Server" | 5.2 Search vendor "Sun" for product "Iplanet Messaging Server" and version "5.2" | - |
Affected
| in | Sun Search vendor "Sun" | Solaris Search vendor "Sun" for product "Solaris" | 8.0 Search vendor "Sun" for product "Solaris" and version "8.0" | sparc |
Safe
|
Sun Search vendor "Sun" | One Messaging Server Search vendor "Sun" for product "One Messaging Server" | 6.1 Search vendor "Sun" for product "One Messaging Server" and version "6.1" | - |
Affected
| in | Sun Search vendor "Sun" | Solaris Search vendor "Sun" for product "Solaris" | 8.0 Search vendor "Sun" for product "Solaris" and version "8.0" | sparc |
Safe
|
Sun Search vendor "Sun" | One Messaging Server Search vendor "Sun" for product "One Messaging Server" | 6.1 Search vendor "Sun" for product "One Messaging Server" and version "6.1" | - |
Affected
| in | Sun Search vendor "Sun" | Solaris Search vendor "Sun" for product "Solaris" | 9.0 Search vendor "Sun" for product "Solaris" and version "9.0" | sparc |
Safe
|
Sun Search vendor "Sun" | One Messaging Server Search vendor "Sun" for product "One Messaging Server" | 6.1 Search vendor "Sun" for product "One Messaging Server" and version "6.1" | - |
Affected
| in | Sun Search vendor "Sun" | Solaris Search vendor "Sun" for product "Solaris" | 9.0 Search vendor "Sun" for product "Solaris" and version "9.0" | x86 |
Safe
|
Sun Search vendor "Sun" | One Messaging Server Search vendor "Sun" for product "One Messaging Server" | 6.1 Search vendor "Sun" for product "One Messaging Server" and version "6.1" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 2.1 Search vendor "Redhat" for product "Enterprise Linux" and version "2.1" | - |
Safe
|