Code Execution Vulnerability in Sun Java System Access Manager and Identity Server
CVE-2008-2945

Currently unrated

Key Information:

Vendor

Oracle
Status
Java System Identity Server
Java System Access Manager
Vendor
CVE Published:
30 June 2008

What is CVE-2008-2945?

Certain versions of Sun Java System Access Manager and Identity Server have a flaw in the processing of XSLT stylesheets during XML signature verification. This weakness can be exploited by attackers who craft a malicious stylesheet, potentially leading to unauthorized execution of arbitrary code in a vulnerable environment.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...
vendor-advisoryx_refsource_SUNALERT
https://exchange.xforce.ibmcloud.com/vulnerabilities/43429
vdb-entryx_refsource_XF
http://support.avaya.com/elmodocs2/security/ASA-2008-294.htm
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.