Vulnerabilities > SUN > Java System Portal Server > 7.2

DATE CVE VULNERABILITY TITLE RISK
2011-01-19 CVE-2010-4431 Local Security vulnerability in SUN Java System Portal Server 7.1/7.2
Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to affect confidentiality via unknown vectors related to Proxy.
local
high complexity
sun
1.0
1.0
2009-12-03 CVE-2009-4187 Cross-Site Scripting vulnerability in SUN Java System Portal Server 6.3.1/7.1/7.2
Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
sun CWE-79
4.3
4.3
2009-05-26 CVE-2009-1796 Cross-Site Scripting vulnerability in SUN Java System Portal Server 6.3.1/7.1/7.2
Cross-site scripting (XSS) vulnerability in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to an error page.
network
sun CWE-79
4.3
4.3
2008-12-12 CVE-2008-5549 Permissions, Privileges, and Access Controls vulnerability in SUN Java System Portal Server 7.1/7.2
Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2 allows remote attackers to access local files and read the product's configuration information via unknown vectors related to "access to secure files by ThemeServlet."
network
low complexity
sun CWE-264
5.0
5.0