Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
12 vulnerabilities found for java_system_calendar_server by sun
CVE-2009-1219 (GCVE-0-2009-1219)
Vulnerability from nvd – Published: 2009-04-01 18:00 – Updated: 2024-08-07 05:04
VLAI?
Summary
Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allows remote attackers to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters in the tzid parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2009-03-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0905"
},
{
"name": "256228",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"name": "34150",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34150"
},
{
"name": "20090331 CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"name": "255008",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-255008-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/sun-calendar-express"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allows remote attackers to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters in the tzid parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0905"
},
{
"name": "256228",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"name": "34150",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34150"
},
{
"name": "20090331 CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"name": "255008",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-255008-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/sun-calendar-express"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allows remote attackers to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters in the tzid parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-0905",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0905"
},
{
"name": "256228",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"name": "34150",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34150"
},
{
"name": "20090331 CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"name": "255008",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-255008-1"
},
{
"name": "http://www.coresecurity.com/content/sun-calendar-express",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/sun-calendar-express"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1219",
"datePublished": "2009-04-01T18:00:00.000Z",
"dateReserved": "2009-04-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:04:49.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1218 (GCVE-0-2009-1218)
Vulnerability from nvd – Published: 2009-04-01 18:00 – Updated: 2024-08-07 05:04
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allow remote attackers to inject arbitrary web script or HTML via (1) the fmt-out parameter to login.wcap or (2) the date parameter to command.shtml.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Date Public ?
2009-03-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0905"
},
{
"name": "34153",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34153"
},
{
"name": "256228",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"name": "20090331 CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/sun-calendar-express"
},
{
"name": "34152",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34152"
},
{
"name": "1020321",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020321.1-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allow remote attackers to inject arbitrary web script or HTML via (1) the fmt-out parameter to login.wcap or (2) the date parameter to command.shtml."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0905"
},
{
"name": "34153",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34153"
},
{
"name": "256228",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"name": "20090331 CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/sun-calendar-express"
},
{
"name": "34152",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34152"
},
{
"name": "1020321",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020321.1-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allow remote attackers to inject arbitrary web script or HTML via (1) the fmt-out parameter to login.wcap or (2) the date parameter to command.shtml."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-0905",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0905"
},
{
"name": "34153",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34153"
},
{
"name": "256228",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"name": "20090331 CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"name": "http://www.coresecurity.com/content/sun-calendar-express",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/sun-calendar-express"
},
{
"name": "34152",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34152"
},
{
"name": "1020321",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020321.1-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1218",
"datePublished": "2009-04-01T18:00:00.000Z",
"dateReserved": "2009-04-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:04:49.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-2749 (GCVE-0-2008-2749)
Vulnerability from nvd – Published: 2008-06-18 19:29 – Updated: 2024-08-07 09:14
VLAI?
Summary
Unspecified vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0, when access logging (aka service.http.commandlog.all) is enabled, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2008-06-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:14:14.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30694",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30694"
},
{
"name": "ADV-2008-1857",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1857"
},
{
"name": "1020299",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020299"
},
{
"name": "235521",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-235521-1"
},
{
"name": "sun-java-systemcalendarserver-dos(43127)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43127"
},
{
"name": "29763",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29763"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0, when access logging (aka service.http.commandlog.all) is enabled, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "30694",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30694"
},
{
"name": "ADV-2008-1857",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1857"
},
{
"name": "1020299",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020299"
},
{
"name": "235521",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-235521-1"
},
{
"name": "sun-java-systemcalendarserver-dos(43127)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43127"
},
{
"name": "29763",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29763"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2749",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0, when access logging (aka service.http.commandlog.all) is enabled, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30694",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30694"
},
{
"name": "ADV-2008-1857",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1857"
},
{
"name": "1020299",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020299"
},
{
"name": "235521",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-235521-1"
},
{
"name": "sun-java-systemcalendarserver-dos(43127)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43127"
},
{
"name": "29763",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29763"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2749",
"datePublished": "2008-06-18T19:29:00.000Z",
"dateReserved": "2008-06-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:14:14.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0742 (GCVE-0-2004-0742)
Vulnerability from nvd – Published: 2004-07-23 04:00 – Updated: 2024-08-08 00:31
VLAI?
Summary
Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Date Public ?
2004-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:46.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "57586",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57586"
},
{
"name": "sunjavaportal-calendar-gain-access(16776)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16776"
},
{
"name": "10788",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10788"
},
{
"name": "12134",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12134"
},
{
"name": "VU#881254",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/881254"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "57586",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57586"
},
{
"name": "sunjavaportal-calendar-gain-access(16776)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16776"
},
{
"name": "10788",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10788"
},
{
"name": "12134",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12134"
},
{
"name": "VU#881254",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/881254"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0742",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "57586",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57586"
},
{
"name": "sunjavaportal-calendar-gain-access(16776)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16776"
},
{
"name": "10788",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10788"
},
{
"name": "12134",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12134"
},
{
"name": "VU#881254",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/881254"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0742",
"datePublished": "2004-07-23T04:00:00.000Z",
"dateReserved": "2004-07-22T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:31:46.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2009-1218
Vulnerability from fkie_nvd - Published: 2009-04-01 18:30 - Updated: 2026-04-23 00:35
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allow remote attackers to inject arbitrary web script or HTML via (1) the fmt-out parameter to login.wcap or (2) the date parameter to command.shtml.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | java_system_calendar_server | 6 | |
| sun | java_system_calendar_server | 6.3 | |
| sun | one_calendar_server | 6.0 | |
| sun | java_system_calendar_server | 6 | |
| sun | java_system_calendar_server | 6.3 | |
| sun | one_calendar_server | 6.0 | |
| sun | java_system_calendar_server | 6 | |
| sun | java_system_calendar_server | 6.3 | |
| sun | one_calendar_server | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6:-:sparc:*:*:*:*:*",
"matchCriteriaId": "1C2387AF-026B-423B-A396-55034DC984A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6.3:-:sparc:*:*:*:*:*",
"matchCriteriaId": "E54204FF-DAA2-4D25-91CA-78DC271C35BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_calendar_server:6.0:-:sparc:*:*:*:*:*",
"matchCriteriaId": "E04C0F4E-6825-4EED-994F-4FACCABD4670",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6:-:x86:*:*:*:*:*",
"matchCriteriaId": "65EA6495-81BA-4124-82AB-C81AB94E2F9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6.3:-:x86:*:*:*:*:*",
"matchCriteriaId": "382FDFCA-95D8-4A57-8114-B7B3C939DD73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_calendar_server:6.0:-:x86:*:*:*:*:*",
"matchCriteriaId": "DF8C61E6-7EF3-4069-8335-1D11B86B31D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6:-:linux:*:*:*:*:*",
"matchCriteriaId": "4E60435B-947E-4579-B4D5-3BB3A858D8C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6.3:-:linux:*:*:*:*:*",
"matchCriteriaId": "D377C48F-4513-467B-8514-5F7F27071A41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_calendar_server:6.0:-:linux:*:*:*:*:*",
"matchCriteriaId": "1B17A5EA-6081-4229-B792-5EE18458BB9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allow remote attackers to inject arbitrary web script or HTML via (1) the fmt-out parameter to login.wcap or (2) the date parameter to command.shtml."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Sun Calendar Express Web Server en Sun ONE Calendar Server 6.0 y Sun Java System Calendar Server 6 2004Q2 hasta 6.3-7.01 permite a atacantes remotos inyectar web script o HTML de su elecci\u00f3n a trav\u00e9s de (1) el par\u00e1metro \"fmt-out\" de login.wcap o (2) el par\u00e1metro \"date\" de command.shtml."
}
],
"id": "CVE-2009-1218",
"lastModified": "2026-04-23T00:35:47.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-01T18:30:00.563",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020321.1-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sun-calendar-express"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34152"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34153"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0905"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020321.1-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sun-calendar-express"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34153"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0905"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-1219
Vulnerability from fkie_nvd - Published: 2009-04-01 18:30 - Updated: 2026-04-23 00:35
Severity ?
Summary
Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allows remote attackers to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters in the tzid parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | java_system_calendar_server | 6 | |
| sun | java_system_calendar_server | 6.3 | |
| sun | one_calendar_server | 6.0 | |
| sun | java_system_calendar_server | 6 | |
| sun | java_system_calendar_server | 6.3 | |
| sun | one_calendar_server | 6.0 | |
| sun | java_system_calendar_server | 6 | |
| sun | java_system_calendar_server | 6.3 | |
| sun | one_calendar_server | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6:-:sparc:*:*:*:*:*",
"matchCriteriaId": "1C2387AF-026B-423B-A396-55034DC984A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6.3:-:sparc:*:*:*:*:*",
"matchCriteriaId": "E54204FF-DAA2-4D25-91CA-78DC271C35BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_calendar_server:6.0:-:sparc:*:*:*:*:*",
"matchCriteriaId": "E04C0F4E-6825-4EED-994F-4FACCABD4670",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6:-:x86:*:*:*:*:*",
"matchCriteriaId": "65EA6495-81BA-4124-82AB-C81AB94E2F9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6.3:-:x86:*:*:*:*:*",
"matchCriteriaId": "382FDFCA-95D8-4A57-8114-B7B3C939DD73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_calendar_server:6.0:-:x86:*:*:*:*:*",
"matchCriteriaId": "DF8C61E6-7EF3-4069-8335-1D11B86B31D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6:-:linux:*:*:*:*:*",
"matchCriteriaId": "4E60435B-947E-4579-B4D5-3BB3A858D8C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6.3:-:linux:*:*:*:*:*",
"matchCriteriaId": "D377C48F-4513-467B-8514-5F7F27071A41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_calendar_server:6.0:-:linux:*:*:*:*:*",
"matchCriteriaId": "1B17A5EA-6081-4229-B792-5EE18458BB9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allows remote attackers to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters in the tzid parameter."
},
{
"lang": "es",
"value": "Sun Calendar Express Web Server en Sun ONE Calendar Server v6.0 y Sun Java System Calendar Server 6 2004Q2 hasta 6.3-7.01 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) a trav\u00e9s de m\u00faltiples peticiones de la URI por defecto con caracteres alfab\u00e9ticos en el par\u00e1metro \"tzid\"."
}
],
"id": "CVE-2009-1219",
"lastModified": "2026-04-23T00:35:47.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-01T18:30:00.593",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-255008-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sun-calendar-express"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34150"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0905"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-255008-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sun-calendar-express"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0905"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-2749
Vulnerability from fkie_nvd - Published: 2008-06-18 19:41 - Updated: 2026-04-23 00:35
Severity ?
Summary
Unspecified vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0, when access logging (aka service.http.commandlog.all) is enabled, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | java_system_calendar_server | 6 | |
| sun | java_system_calendar_server | 6 | |
| sun | java_system_calendar_server | 6 | |
| sun | java_system_calendar_server | 6.3 | |
| sun | one_calendar_server | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6:2004q2:*:*:*:*:*:*",
"matchCriteriaId": "7721146B-767F-4ECD-ABB3-A8C9D459DD4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6:2005q1:*:*:*:*:*:*",
"matchCriteriaId": "149BE821-BA69-410A-8A5F-30E0B0384FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6:2005q4:*:*:*:*:*:*",
"matchCriteriaId": "D7C4ADB9-93DF-415E-986E-63A475A9E392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF59A08-6F91-44B4-8BD7-26F467E527CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:one_calendar_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A386E396-577A-4A86-B548-BC67841814B4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0, when access logging (aka service.http.commandlog.all) is enabled, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad sin expecificar en cshttpd in Sun Java System Calendar Server 6 y 6.3, y Sun ONE Calendar Server 6.0, cuando el access logging (tambien conocido como service.http.commandlog.all) est\u00e1 activado, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (caida de demonio), a trav\u00e9s de vectores no especificados.\r\n"
}
],
"id": "CVE-2008-2749",
"lastModified": "2026-04-23T00:35:47.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-06-18T19:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30694"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-235521-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/29763"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020299"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1857"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-235521-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43127"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-0742
Vulnerability from fkie_nvd - Published: 2004-07-27 04:00 - Updated: 2026-04-16 00:27
Severity ?
Summary
Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | java_system_calendar_server | 6.2 | |
| sun | java_system_calendar_server | 6.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E654A976-789A-46FC-A262-CC0A3FD149DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_calendar_server:6.2:*:x86:*:*:*:*:*",
"matchCriteriaId": "DBCEE6E5-D5BB-448A-991B-BCAB96E542C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view."
},
{
"lang": "es",
"value": "Sun Java Portal Sever 6.2 (anteriormente Sun One) permite a usuarios remotos autenticados obtener prilegios de Calendar Server y modificar datos del calendario cambiando las opciones de visualizaci\u00f3n a una vista no predeterminada."
}
],
"id": "CVE-2004-0742",
"lastModified": "2026-04-16T00:27:16.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-07-27T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12134"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57586"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/881254"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/10788"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57586"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/881254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/10788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16776"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2009-1219 (GCVE-0-2009-1219)
Vulnerability from cvelistv5 – Published: 2009-04-01 18:00 – Updated: 2024-08-07 05:04
VLAI?
Summary
Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allows remote attackers to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters in the tzid parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2009-03-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0905"
},
{
"name": "256228",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"name": "34150",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34150"
},
{
"name": "20090331 CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"name": "255008",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-255008-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/sun-calendar-express"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allows remote attackers to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters in the tzid parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0905"
},
{
"name": "256228",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"name": "34150",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34150"
},
{
"name": "20090331 CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"name": "255008",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-255008-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/sun-calendar-express"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allows remote attackers to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters in the tzid parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-0905",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0905"
},
{
"name": "256228",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"name": "34150",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34150"
},
{
"name": "20090331 CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"name": "255008",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-255008-1"
},
{
"name": "http://www.coresecurity.com/content/sun-calendar-express",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/sun-calendar-express"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1219",
"datePublished": "2009-04-01T18:00:00.000Z",
"dateReserved": "2009-04-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:04:49.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1218 (GCVE-0-2009-1218)
Vulnerability from cvelistv5 – Published: 2009-04-01 18:00 – Updated: 2024-08-07 05:04
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allow remote attackers to inject arbitrary web script or HTML via (1) the fmt-out parameter to login.wcap or (2) the date parameter to command.shtml.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Date Public ?
2009-03-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0905"
},
{
"name": "34153",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34153"
},
{
"name": "256228",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"name": "20090331 CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/sun-calendar-express"
},
{
"name": "34152",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34152"
},
{
"name": "1020321",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020321.1-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allow remote attackers to inject arbitrary web script or HTML via (1) the fmt-out parameter to login.wcap or (2) the date parameter to command.shtml."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0905"
},
{
"name": "34153",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34153"
},
{
"name": "256228",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"name": "20090331 CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/sun-calendar-express"
},
{
"name": "34152",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34152"
},
{
"name": "1020321",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020321.1-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allow remote attackers to inject arbitrary web script or HTML via (1) the fmt-out parameter to login.wcap or (2) the date parameter to command.shtml."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-0905",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0905"
},
{
"name": "34153",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34153"
},
{
"name": "256228",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1"
},
{
"name": "20090331 CORE-2009-0108: Multiple vulnerabilities in Sun Calendar Express Web Server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502320/100/0/threaded"
},
{
"name": "http://www.coresecurity.com/content/sun-calendar-express",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/sun-calendar-express"
},
{
"name": "34152",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34152"
},
{
"name": "1020321",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020321.1-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1218",
"datePublished": "2009-04-01T18:00:00.000Z",
"dateReserved": "2009-04-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:04:49.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-2749 (GCVE-0-2008-2749)
Vulnerability from cvelistv5 – Published: 2008-06-18 19:29 – Updated: 2024-08-07 09:14
VLAI?
Summary
Unspecified vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0, when access logging (aka service.http.commandlog.all) is enabled, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2008-06-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:14:14.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30694",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30694"
},
{
"name": "ADV-2008-1857",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1857"
},
{
"name": "1020299",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020299"
},
{
"name": "235521",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-235521-1"
},
{
"name": "sun-java-systemcalendarserver-dos(43127)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43127"
},
{
"name": "29763",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29763"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0, when access logging (aka service.http.commandlog.all) is enabled, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "30694",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30694"
},
{
"name": "ADV-2008-1857",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1857"
},
{
"name": "1020299",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020299"
},
{
"name": "235521",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-235521-1"
},
{
"name": "sun-java-systemcalendarserver-dos(43127)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43127"
},
{
"name": "29763",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29763"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2749",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0, when access logging (aka service.http.commandlog.all) is enabled, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30694",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30694"
},
{
"name": "ADV-2008-1857",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1857"
},
{
"name": "1020299",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020299"
},
{
"name": "235521",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-235521-1"
},
{
"name": "sun-java-systemcalendarserver-dos(43127)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43127"
},
{
"name": "29763",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29763"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2749",
"datePublished": "2008-06-18T19:29:00.000Z",
"dateReserved": "2008-06-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:14:14.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0742 (GCVE-0-2004-0742)
Vulnerability from cvelistv5 – Published: 2004-07-23 04:00 – Updated: 2024-08-08 00:31
VLAI?
Summary
Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Date Public ?
2004-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:46.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "57586",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57586"
},
{
"name": "sunjavaportal-calendar-gain-access(16776)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16776"
},
{
"name": "10788",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10788"
},
{
"name": "12134",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12134"
},
{
"name": "VU#881254",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/881254"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "57586",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57586"
},
{
"name": "sunjavaportal-calendar-gain-access(16776)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16776"
},
{
"name": "10788",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10788"
},
{
"name": "12134",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12134"
},
{
"name": "VU#881254",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/881254"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0742",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "57586",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57586"
},
{
"name": "sunjavaportal-calendar-gain-access(16776)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16776"
},
{
"name": "10788",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10788"
},
{
"name": "12134",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12134"
},
{
"name": "VU#881254",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/881254"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0742",
"datePublished": "2004-07-23T04:00:00.000Z",
"dateReserved": "2004-07-22T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:31:46.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}