Directory Traversal Vulnerability in Sun Java System Directory Server
CVE-2009-1332

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Directory Server
Vendor: CVE Published:; 17 April 2009

Summary

The Online Help feature in Sun Java System Directory Server versions 5.2 and Enterprise Edition 5 presents a vulnerability that allows remote attackers to exploit file enumeration. By leveraging unspecified vectors, attackers can ascertain the existence of files and directories on the server, potentially leading to information disclosure through partial contents of sensitive files.

References

http://www.securityfocus.com/bid/34548

vdb-entryx_refsource_BID

http://osvdb.org/53800

vdb-entryx_refsource_OSVDB

http://www.vupen.com/english/advisories/2009/1059

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Apr 17, 2009
Vulnerability Reserved
Apr 17, 2009