CyberSecurityBoard
Sponsor Register Login

CVE-2009-1729

Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express 6 2005Q4 (aka 6.2) and 6.3 allow remote attackers to inject arbitrary web script or HTML via (1) the abperson_displayName parameter to uwc/abs/search.xml in the Add Contact implementation in the Personal Address Book component or (2) the temporaryCalendars parameter to uwc/base/UWCMain.

Publication date: Thu, 21 May 2009 19:30:00 +0000


Cyber News related to CVE-2009-1729

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago
CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago
CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
55 years ago Tenable.com
CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
5 years ago
CVE-2009-1729 - Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express 6 2005Q4 (aka 6.2) and 6.3 allow remote attackers to inject arbitrary web script or HTML via (1) the abperson_displayName parameter to uwc/abs/search.xml in ...
6 years ago
CVE-2006-2782 - Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control. Fixed in: Firefox ...
6 years ago
CVE-2005-1729 - Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1. ...
16 years ago
CVE-2010-1729 - WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop. ...
13 years ago
CVE-2013-1729 - The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA graphics drivers are used on Mac OS X, allows remote attackers to obtain desktop-screenshot data by reading from a CANVAS element. ...
11 years ago
CVE-2014-1729 - Multiple unspecified vulnerabilities in Google V8 before 3.24.35.22, as used in Google Chrome before 34.0.1847.116, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. ...
8 years ago
CVE-2002-1729 - Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message. ...
7 years ago
CVE-2004-1729 - Cross-site scripting (XSS) vulnerability in Nihuo Web Log Analyzer 1.6 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header. ...
7 years ago
CVE-2012-1729 - Unspecified vulnerability in the Hyperion BI+ component in Oracle Hyperion 11.1.1.3 and earlier allows remote attackers to affect integrity via unknown vectors related to UI and Visualization. ...
7 years ago
CVE-2016-1729 - Untrusted search path vulnerability in OSA Scripts in Apple OS X before 10.11.3 allows attackers to load arbitrary script libraries via a quarantined application. <a href"http://cwe.mitre.org/data/definitions/426.html">CWE-426: ...
7 years ago
CVE-2017-16513 - Ipswitch WS_FTP Professional before 12.6.0.3 has buffer overflows in the local search field and the backup locations field, aka WSCLT-1729. ...
7 years ago
CVE-2011-1729 - Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed GET_FILE message. ...
6 years ago
CVE-2015-1729 - Microsoft Internet Explorer 9 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." ...
6 years ago
CVE-2007-1729 - SQL injection vulnerability in includes/start.php in Flexbb 1.0.0 10005 Beta Release 1 allows remote attackers to execute arbitrary SQL commands via the flexbb_lang_id COOKIE parameter to index.php. ...
6 years ago
CVE-2006-1729 - Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file ...
6 years ago
CVE-2017-1729 - IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading ...
5 years ago
CVE-2018-1729 - IBM QRadar SIEM 7.3 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 147708. ...
5 years ago
CVE-2019-1729 - A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. These file overwrites by ...
4 years ago
CVE-2021-1729 - Windows Update Stack Setup Elevation of Privilege Vulnerability ...
3 years ago
CVE-2008-1729 - The menu system in Drupal 6 before 6.2 has incorrect menu settings, which allows remote attackers to (1) edit the profile pages of arbitrary users, and obtain sensitive information from (2) tracker and (3) blog pages, related to a missing check for ...
3 years ago
CVE-2020-1729 - A flaw was found in SmallRye's API through version 1.6.1. The API can allow other code running within the application server to potentially obtain the ClassLoader, bypassing any permissions checks that should have been applied. The largest threat ...
3 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)