CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 0CVE-2010-0311
https://notcve.org/view.php?id=CVE-2010-0311
14 Jan 2010 — Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors. Vulnerabilidad no especificada en Sun Java System Identity Manager (también conocido como IdM) v8.1.0.5 y v8.1.0.6, cuando se usa con Sun Java System Access Manager, OpenSSO Enterprise v8.0 o IBM Tivoli Access Manager, permite a atacantes remo... • http://osvdb.org/61658 •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2008-2945
https://notcve.org/view.php?id=CVE-2008-2945
30 Jun 2008 — Sun Java System Access Manager 6.3 through 7.1 and Sun Java System Identity Server 6.1 and 6.2 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-2007-3715, CVE-2007-3716, and CVE-2007-4289. Sun Java System Access Manager 6.3 hasta 7.1 y Sun Java System Identity Server 6.1 y 6.2 no procesa adecuadamente hojas de estilo XSLT en transformaciones XSLT de firmas XML. • http://secunia.com/advisories/30893 • CWE-20: Improper Input Validation •