The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Sun Alert 102854 Security Vulnerability in the Sun Java Web Console May Allow Access to Privileged Data or Lead to Denial of Service

Guest Author
Product: Sun Java Web Console 2.2.3, Solaris 10 Operating System, Sun Java Web Console 2.2.5, Sun Java Web Console 2.2.4, Sun Java Web Console 2.2.2

A security vulnerability in the Sun Java Web Console may allow a local or remote unprivileged user to access privileged data or crash the Java Web Console service, leading to a Denial of Service (DoS) condition.

Sun acknowledges with thanks, Frank Dick of N.RUNS AG (http://www.nruns.com/) for bringing this issue to our attention.

For additional information regarding this issue, see the following:

N.RUNS AG security bulletin at http://www.nruns.com/security_advisory_sun_java_format_string.php

CVE-2007-1681 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1681

Avoidance: Patch, Upgrade
State: Resolved
First released: 17-Apr-2007

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.