Taketo Ikeuchi

**Name of the Vulnerable Software and Affected Versions** KENT-WEB POST-MAIL versions prior to 6.7 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via an unspecified form field when Internet Explorer 7 or earlier is used. **Recommendations** For versions prior to 6.7, update to version 6.7 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** KENT-WEB WEB PATIO versions 4.04 and earlier **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted cookie. **Recommendations** For versions 4.04 and earlier, update to a version later than 4.04 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Juniper IDP versions 4.1 through 4.1r2 Juniper IDP versions 4.2 through 4.2r0 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. **Recommendations** For Juniper IDP versions 4.1 through 4.1r2, update to version 4.1r3 or later. For Juniper IDP versions 4.2 through 4.2r0, update to version 4.2r1 or later.

**Name of the Vulnerable Software and Affected Versions** TransWARE Active! mail versions 6.40.010047750 and earlier **Description** The issue allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. **Recommendations** For TransWARE Active! mail versions 6.40.010047750 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.