Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:23836
HistoryApr 10, 2020 - 12:37 a.m.

Access Control Bypass

2020-04-1000:37:28
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

JSON

java is vulnerable to access control bypass. Javascript loaded from localhost is not restricted from connecting to other ports on the system, allowing access restrictions bypass via LiveConnect.

References

Related

prion 1
cve 1
ubuntucve 1
nessus 33
openvas 26
redhat 6
suse 3
vmware 6
gentoo 1
prion
prion
Cross site scripting
2009-03-25 23:30:00
cve
cve
CVE-2009-1104
2009-03-25 23:30:00
ubuntucve
ubuntucve
CVE-2009-1104
2009-03-25 00:00:00
nessus
nessus
Solaris 10 (x86) : 118669-61
2018-03-12 00:00:00
Solaris 10 (x86) : 118669-19
2018-03-12 00:00:00
openSUSE Security Update : java-1_5_0-sun (java-1_5_0-sun-698)
2009-07-21 00:00:00
openvas
openvas
SLES10: Security update for IBM Java 5
2009-10-13 00:00:00
SLES10: Security update for IBM Java 5
2009-10-13 00:00:00
SLES9: Security update for IBM Java 5 JRE and IBM Java 5 SDK
2009-10-10 00:00:00
redhat
redhat
(RHSA-2009:0394) Critical: java-1.5.0-sun security update
2009-03-26 00:00:00
(RHSA-2009:1038) Critical: java-1.5.0-ibm security update
2009-05-18 00:00:00
(RHSA-2009:1198) Critical: java-1.6.0-ibm security update
2009-08-06 00:00:00
suse
suse
remote code execution in IBM JDK 5
2009-05-25 13:39:41
remote code execution in java-1_6_0-ibm
2009-07-02 21:55:23
remote code execution in Sun Java 5 and 6
2009-04-03 13:04:22
vmware
vmware
VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
2009-10-16 00:00:00
VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
2009-10-16 00:00:00
VMware vCenter update release addresses multiple security issues in Java JRE
2010-01-29 00:00:00
gentoo
gentoo
Sun JDK/JRE: Multiple vulnerabilities
2009-11-17 00:00:00

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

JSON
Related for VERACODE:23836
prion1cve1ubuntucve1nessus33openvas26redhat6suse3vmware6gentoo1