Executive Summary
| Summary | |
|---|---|
| Title | Sun Alert 201538 Sun Java System Access Manager Does Not Securely Process XSLT Stylesheets contained in XML Signatures contained in XML Signatures |
| Informations | |||
|---|---|---|---|
| Name | SUN-201538 | First vendor Publication | 2008-06-26 |
| Vendor | Sun | Last vendor Modification | 2009-01-05 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Product: Sun Java System Access Manager 6 2005Q1 Sun Java System Access Manager 7.1 Sun Java System Identity Server 6.1 Sun Java System Identity Server 6.2 Sun Java System Access Manager 7 2005Q4 The Sun Java System Access Manager may not securely process XSLT stylesheets which are contained inside XSLT Transforms in XML Signatures. A remote user who is able to create such an XML Signature which is viewed locally with Access Manager may be able to execute arbitrary code with the privileges of the Access Manager application. Access Manager is run by a web container application, such as the Sun Java System Application Server, and thus the privileges of Access Manager are the same as the configured web container application. Sun acknowledges with thanks, Brad Hill of iSEC Partners for bringing this issue to our attention. State: Resolved First released: 26-Jun-2008 |
Original Source
| Url : http://blogs.sun.com/security/entry/sun_alert_201538_sun_java |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 3 | |
| Application | 2 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 46579 | Sun Java System Access Manager XSLT Stylesheet Processing Arbitrary Code Exec... |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2009-04-23 | Name : The remote host is missing Sun Security Patch number 120954-12 File : solaris10_120954.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote host is missing Sun Security Patch number 120955-12 File : solaris10_x86_120955.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote host is missing Sun Security Patch number 120954-12 File : solaris8_120954.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote host is missing Sun Security Patch number 120954-12 File : solaris9_120954.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote host is missing Sun Security Patch number 120955-12 File : solaris9_x86_120955.nasl - Type : ACT_GATHER_INFO |
| 2008-02-05 | Name : The remote host is missing Sun Security Patch number 117586-22 File : solaris8_117586.nasl - Type : ACT_GATHER_INFO |
| 2008-02-05 | Name : The remote host is missing Sun Security Patch number 117586-22 File : solaris9_117586.nasl - Type : ACT_GATHER_INFO |
| 2006-11-06 | Name : The remote host is missing Sun Security Patch number 115766-15 File : solaris8_115766.nasl - Type : ACT_GATHER_INFO |
| 2006-11-06 | Name : The remote host is missing Sun Security Patch number 115766-15 File : solaris9_115766.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2013-02-06 19:08:12 |
|
