4 matches found
CVE-2007-3700
CVE-2007-3700 affects Sun Java System Access Manager (formerly Java System Identity Server) prior to 20070710. When AMConfig.properties sets com.iplanet.services.debug.level to a debug value, the product logs cleartext login passwords to /var/opt/SUNWam/debug/amAuth, enabling a local user to read...
CVE-2007-5153
Technical details about CVE-2007-5153 are not publicly available in the provided documents; affected products, impact, and remediation specifics are not disclosed. Monitor for updates from official sources.
CVE-2007-0628
CVE-2007-0628 concerns multiple XSS vulnerabilities in Sun Java System Access Manager versions 6.1, 6.2, 6 2005Q1 (6.3), and 7 2005Q4 (7.0) prior to 20070129. The flaws allow remote attackers to inject arbitrary web script or HTML through the goto or gx-charset parameters. The NVD entry lists a C...
CVE-2007-5152
Summary: CVE-2007-5152 affects Sun Java System Access Manager 7.1 when installed in a Sun Java System Application Server 9.1 container. The issue is that authentication is not required after a container restart, enabling remote attackers to perform administrative tasks. The vulnerability is evide...