Sun Alert 264248 Security Vulnerability in the Simple Authentication and Security Layer (SASL) Library Bundled with the Java Enterprise System (JES) may Allow Unprivileged Users to Crash Applications Using the sasl_encode64 Function
By chandan on Jul 23, 2009
A buffer overflow security vulnerability in the Simple Authentication and Security Layer (SASL) library bundled with the Java Enterprise System (JES) may allow local or remote unprivileged users to crash applications which use the sasl_encode64 SASL library function.
None of the Sun Java Enterprise System (JES) products which use SASL are impacted by this issue however third-party applications that have a dynamic dependency on the SASL library bundled with JES may be affected.
This vulnerability is also described in the following documents:
CERT VU#238019 at:
Sun Alert 259148 at: