CVE-2009-1082
N/A
N/A
Summary
Sun Java System Identity Manager (IdM) 7.0 through 8.0 allows remote authenticated users to gain privileges by submitting crafted commands to the Admin Console, as demonstrated by privileges for account creation and other administrative capabilities, related to the saveNoValidate action and saveNoValidateAllowedFormsAndWorkflows IDs.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-140936-01-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-253267-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-137621-11-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-139010-06-1
- http://securitytracker.com/id?1021881
- http://www.securityfocus.com/bid/34191
- http://blogs.sun.com/security/entry/sun_alert_253267_sun_java
- http://www.vupen.com/english/advisories/2009/0797
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-140935-01-1
- http://secunia.com/advisories/34380
References
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-140936-01-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-253267-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-137621-11-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-139010-06-1
- http://securitytracker.com/id?1021881
- http://www.securityfocus.com/bid/34191
- http://blogs.sun.com/security/entry/sun_alert_253267_sun_java
- http://www.vupen.com/english/advisories/2009/0797
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-140935-01-1
- http://secunia.com/advisories/34380
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.