JMX RMI-IIOP API Vulnerability in Java Dynamic Management Kit by Sun Microsystems
CVE-2007-1419

Currently unrated

Key Information:

Vendor: Oracle
Status: Java Dynamic Management Kit
Vendor: CVE Published:; 12 March 2007

What is CVE-2007-1419?

The Java Management Extensions Remote API (JMX RMI-IIOP) in Java Dynamic Management Kit 5.1 prior to March 9, 2007, contains an access control flaw that fails to properly enforce the java.policy permissions. This allows local users to exploit a server application to gain unauthorized access to certain MBean data when operated by a privileged remote authenticated user. This breach can lead to unauthorized information exposure, posing significant risks in enterprise environments.

References

http://www.vupen.com/english/advisories/2007/0906

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/24497

third-party-advisoryx_refsource_SECUNIA

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 12, 2007
Vulnerability Reserved
Mar 12, 2007

Oracle

What is CVE-2007-1419?

References

Timeline