SUN » Java System Calendar Server » 6 x86 : Security Vulnerabilities, CVEs,
Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allows remote attackers to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters in the tzid parameter.
Max CVSS
5.0
EPSS Score
14.58%
Published
2009-04-01
Updated
2018-10-10
Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allow remote attackers to inject arbitrary web script or HTML via (1) the fmt-out parameter to login.wcap or (2) the date parameter to command.shtml.
Max CVSS
4.3
EPSS Score
0.63%
Published
2009-04-01
Updated
2018-10-10
2 vulnerabilities found