CVE-2009-1076

2009-03-25T15:30:00
ID CVE-2009-1076
Type cve
Reporter cve@mitre.org
Modified 2009-03-25T15:30:00

Description

Sun Java System Identity Manager (IdM) 7.0 through 8.0 responds differently to failed use of the end-user question-based login feature depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.