Information Disclosure in Sun Java System Content Delivery Server 4.x and 5.x
CVE-2006-4353

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Content Delivery Server
Vendor: CVE Published:; 25 August 2006

What is CVE-2006-4353?

The Sun Java System Content Delivery Server versions 4.0, 4.1, and 5.0 contain a vulnerability that allows both local and remote attackers to read sensitive data from arbitrary files on the server. This security flaw is exploitable through unspecified vectors, potentially leading to unauthorized access to critical information stored on the affected servers.

References

http://www.securityfocus.com/bid/19705

vdb-entryx_refsource_BID

http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm

x_refsource_CONFIRM

http://securitytracker.com/id?1016751

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 25, 2006
Vulnerability Reserved
Aug 24, 2006

Oracle

What is CVE-2006-4353?

References

Timeline