Session Hijacking Vulnerability in Sun ONE Messaging Server and iPlanet Messaging Server
CVE-2004-2766

Currently unrated

Key Information:

Vendor: Oracle
Status: Iplanet Messaging Server
Vendor: CVE Published:; 28 January 2010

Summary

The vulnerability in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 allows remote attackers to gain unauthorized access to email accounts via specifically crafted email messages. This flaw is associated with session hijacking, enabling attackers to exploit the session management functionality improperly. It is critical for users of these servers to implement patches and follow best security practices to safeguard against potential exploits.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-66-...

vendor-advisoryx_refsource_SUNALERT

http://sunsolve.sun.com/search/document.do?assetkey=1-21-...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 28, 2010