NVD

Id
48392  
Name
CVE-2009-1082  
Description
Sun Java System Identity Manager (IdM) 7.0 through 8.0 allows remote authenticated users to gain privileges by submitting crafted commands to the Admin Console, as demonstrated by privileges for account creation and other administrative capabilities, related to the saveNoValidate action and saveNoValidateAllowedFormsAndWorkflows IDs.  
Reject
 
CVSS Version
2  
CVSS Score
9  
Severity
High  
CVSS Base Score
9  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2009-03-25  
Modified Date
2009-03-25  
Seq
2009-1082  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
243356 48392 CVE-2009-1082 http://blogs.sun.com/security/entry/sun_alert_253267_sun_java  View
243357 48392 CVE-2009-1082 1021881  View
243358 48392 CVE-2009-1082 http://sunsolve.sun.com/search/document.do?assetkey=1-21-137621-11-1  View
243359 48392 CVE-2009-1082 http://sunsolve.sun.com/search/document.do?assetkey=1-21-139010-06-1  View
243360 48392 CVE-2009-1082 http://sunsolve.sun.com/search/document.do?assetkey=1-21-140935-01-1  View
243361 48392 CVE-2009-1082 http://sunsolve.sun.com/search/document.do?assetkey=1-21-140936-01-1  View
243362 48392 CVE-2009-1082 253267  View
243363 48392 CVE-2009-1082 34191  View
243364 48392 CVE-2009-1082 ADV-2009-0797  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
44907 JVNDB-2009-005914 Sun Java System IdM における権限を取得される脆弱性 Sun Java System Identity Manager (IdM) は、saveNoValidate アクションおよび saveNoValidateAllowedFormsAndWorkflows ID に関する処理に不備があるため、権限を取得される脆弱性が存在します。 CVE-2009-1082 38513 CVE-2009-1082 48392 9 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-005914.html 2009-03-19 2012-12-20 View