Remote Code Execution Vulnerability in Sun AnswerBook2 by Sun Microsystems
CVE-2002-2425

Currently unrated

Key Information:

Vendor: Oracle
Status: Solaris Answerbook2
Vendor: CVE Published:; 31 December 2002

What is CVE-2002-2425?

Sun AnswerBook2 versions 1.2 through 1.4.2 are susceptible to a vulnerability that enables remote attackers to execute administrative scripts directly. This exploitation occurs through certain crafted requests, allowing unauthorized commands such as AdminViewError and AdminAddadmin to be executed without proper authentication. This type of security flaw can lead to unauthorized access and control over the system, posing significant risks to the integrity and confidentiality of the information managed by the software.

References

http://www.securityfocus.com/bid/5383

vdb-entryx_refsource_BID

http://archives.neohapsis.com/archives/bugtraq/2002-07/04...

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/9756.php

vdb-entryx_refsource_XF

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 31, 2002

Oracle

What is CVE-2002-2425?

References

Timeline