CVE-2007-1419

Currently unrated

Key Information:

Vendor: Oracle
Status: Java Dynamic Management Kit
Vendor: CVE Published:; 12 March 2007

Summary

The Java Management Extensions Remote API Remote Method Invocation over Internet Inter-ORB Protocol (JMX RMI-IIOP) API in Java Dynamic Management Kit 5.1 before 20070309 does not properly enforce the java.policy, which allows local users to obtain certain MBeans data access by operating a server application accessed by a privileged remote authenticated user.

References

http://www.vupen.com/english/advisories/2007/0906

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/24497

third-party-advisoryx_refsource_SECUNIA

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

Timeline

Vulnerability published
Mar 12, 2007
Vulnerability Reserved
Mar 12, 2007