CVSS: 6.8EPSS: 1%CPEs: 4EXPL: 0CVE-2010-4444
https://notcve.org/view.php?id=CVE-2010-4444
Unspecified vulnerability in Oracle Sun Java System Access Manager and Oracle OpenSSO 7, 7.1, and 8 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en Oracle Sun Java System Access Manager y Oracle OpenSSO v7, v7.1 y v8 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://osvdb.org/70579 http://osvdb.org/70580 http://secunia.com/advisories/42986 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45884 http://www.vupen.com/english/advisories/2011/0153 https://exchange.xforce.ibmcloud.com/vulnerabilities/64811 •
CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2010-0311
https://notcve.org/view.php?id=CVE-2010-0311
Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors. Vulnerabilidad no especificada en Sun Java System Identity Manager (también conocido como IdM) v8.1.0.5 y v8.1.0.6, cuando se usa con Sun Java System Access Manager, OpenSSO Enterprise v8.0 o IBM Tivoli Access Manager, permite a atacantes remotos obtener acceso como administrador a través de vectores desconocidos. • http://osvdb.org/61658 http://secunia.com/advisories/38130 http://securitytracker.com/id?1023447 http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1 http://www.securityfocus.com/bid/37755 http://www.vupen.com/english/advisories/2010/0108 https://exchange.xforce.ibmcloud.com/vulnerabilities/55572 •
CVSS: 4.3EPSS: 0%CPEs: 31EXPL: 0CVE-2009-2713
https://notcve.org/view.php?id=CVE-2009-2713
The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On (CDSSO) is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote attackers to obtain sensitive information via unspecified vectors. El componente CDCServlet en Sun Java System Access Manager v7.0 2005Q4 y v7.1, cuando Cross Domain Single Sign On (CDSSO) está habilitado, no garantiza que "policy advice" (aviso de políticas) se presenta al cliente correcto, lo cual permite a un atacante remoto obtener información sensible a través de vectores no especificados. • http://secunia.com/advisories/36167 http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-255968-1 http://www.securityfocus.com/bid/35961 http://www.vupen.com/english/advisories/2009/2176 •
CVSS: 2.1EPSS: 0%CPEs: 32EXPL: 0CVE-2009-2712
https://notcve.org/view.php?id=CVE-2009-2712
Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files. Sun Java System Access Manager v6.3 2005Q1, v7.0 2005Q4, y v7.1; y OpenSSO Enterprise v8.0; cuando AMConfig.properties permite a la marca de depuración, permite a los usuarios locales descubrir contraseñas en texto claro mediante la lectura de archivos de depuración. • http://osvdb.org/56815 http://secunia.com/advisories/36169 http://sunsolve.sun.com/search/document.do?assetkey=1-21-119465-16-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-256668-1 http://www.securityfocus.com/bid/35963 http://www.vupen.com/english/advisories/2009/2177 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2009-2597
https://notcve.org/view.php?id=CVE-2009-2597
The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server 4.0 allows remote attackers to cause a denial of service (daemon crash) via a GET request. El modulo Sun Java System (SJS) Access Manager Policy Agent v2.2 para el servidor proxy web SJS v4.0 permite a atacantes remotos producir una denegación de servicio (caída de demonio) a través de una petición GET. • http://secunia.com/advisories/35979 http://sunsolve.sun.com/search/document.do?assetkey=1-21-141248-01-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-258508-1 •