Information Disclosure in Sun Ray Server Software 2.0 and 3.0
CVE-2007-0482

Currently unrated

Key Information:

Vendor: Oracle
Status: Ray Server Software
Vendor: CVE Published:; 25 January 2007

What is CVE-2007-0482?

The Sun Ray Server Software versions 2.0 and 3.0 prior to January 23, 2007, contains a vulnerability where local users can exploit log files of the web server to gain access to the utadmin password. This poses a significant risk as it may allow unauthorized users to carry out further attacks or gain elevated privileges on the server. Additionally, there are concerns regarding other unspecified local attack methods that may exploit this vulnerability, emphasizing the need for adequate security measures.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://secunia.com/advisories/23900

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2007/0316

vdb-entryx_refsource_VUPEN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 25, 2007
Vulnerability Reserved
Jan 24, 2007

Oracle

What is CVE-2007-0482?

References

Timeline