CVE-2008-5116

Sažetak

Directory traversal vulnerability in idm/includes/helpServer.jsp in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to read arbitrary files in the filesystem of the IDM server via directory traversal sequences in the ext parameter.

Reference

http://osvdb.org/49767
http://secunia.com/advisories/32606
http://sunsolve.sun.com/search/document.do?assetkey=1-26-243386-1
http://www.procheckup.com/Vulnerability_PR08-09.php
http://www.securityfocus.com/archive/1/498487/100/0/threaded
http://www.securityfocus.com/bid/32262
http://www.securitytracker.com/id?1021170
http://www.vupen.com/english/advisories/2008/3128
https://exchange.xforce.ibmcloud.com/vulnerabilities/46554

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:N/A:N

Zadnje važnije ažuriranje

11-10-2018 - 20:54

Objavljeno

18-11-2008 - 00:30