CVE-2009-2712

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Access Manager
Vendor: CVE Published:; 7 August 2009

Summary

Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files.

References

http://osvdb.org/56815

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/35963

vdb-entryx_refsource_BID

http://secunia.com/advisories/36169

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Aug 7, 2009
Vulnerability Reserved
Aug 7, 2009