This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Sun First view 2008-12-12
Product Java System Portal Server Last view 2011-01-19
Version 7.2 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:sun:java_system_portal_server

Activity : Overall

Related : CVE

  Date Alert Description
1 2011-01-19 CVE-2010-4431

Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to affect confidentiality via unknown vectors related to Proxy.

4.3 2009-12-03 CVE-2009-4187

Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3 2009-05-26 CVE-2009-1796

Cross-site scripting (XSS) vulnerability in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to an error page.

5 2008-12-12 CVE-2008-5549

Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2 allows remote attackers to access local files and read the product's configuration information via unknown vectors related to "access to secure files by ThemeServlet."

CWE : Common Weakness Enumeration

%idName
66% (2) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
33% (1) CWE-264 Permissions, Privileges, and Access Controls

Open Source Vulnerability Database (OSVDB)

id Description
70565 Sun Java System Portal Server Proxy Unspecified Local Information Disclosure
60590 Sun Java System Portal Server Gateway Component Unspecified XSS
54705 Sun Java System Portal Server Unspecified XSS
50695 Sun Java System Portal Server Unspecified Information Disclosure

OpenVAS Exploits

id Description
2010-08-06 Name : Sun Java System Portal Server Multiple Cross Site Scripting Vulnerabilities
File : nvt/gb_sun_java_system_portal_server_xss_vuln.nasl