Insecure Communication Flaw in Sun Java System Identity Manager
CVE-2009-1074

Currently unrated

Key Information:

Vendor

Oracle
Status
Java System Identity Manager
Vendor
CVE Published:
25 March 2009

What is CVE-2009-1074?

The Sun Java System Identity Manager versions 7.0 to 8.0 contain a vulnerability that allows sensitive information to be intercepted by attackers due to improper implementation of SSL encryption. This issue arises from the failure to enforce SSL in all necessary situations, particularly concerning SSL termination devices and the lack of support for relative URLs. As a result, attackers can easily sniff network traffic, leading to potential data breaches.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://sunsolve.sun.com/search/document.do?assetkey=1-66-...
vendor-advisoryx_refsource_SUNALERT
http://securitytracker.com/id?1021881
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/34191
vdb-entryx_refsource_BID

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.