Sun Java System Access Manager Vulnerability in Cross Domain Single Sign On
CVE-2009-2713

Currently unrated

Key Information:

Vendor

Oracle
Status
Java System Access Manager
Vendor
CVE Published:
7 August 2009

What is CVE-2009-2713?

The CDCServlet component in Sun Java System Access Manager versions 7.0 2005Q4 and 7.1 has a security flaw when Cross Domain Single Sign On (CDSSO) is enabled. This vulnerability allows remote attackers to potentially access sensitive information by exploiting the mishandling of 'policy advice.' The component fails to ensure that the presented policy advice is directed to the appropriate client, thereby exposing sensitive user data through unspecified vectors.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://sunsolve.sun.com/search/document.do?assetkey=1-21-...
x_refsource_CONFIRM
http://secunia.com/advisories/36167
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/35961
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.