CVE Vulnerability

CVE-2008-5549

Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2 allows remote attackers to access local files and read the product's configuration information via unknown vectors related to "access to secure files by ThemeServlet."

5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

Scope

References
Link Resource
http://sunsolve.sun.com/search/document.do?assetkey=1-21-124301-12-1 Patch Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-243886-1 Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-21-138686-01-1 Patch Vendor Advisory
http://securitytracker.com/id?1021380
http://secunia.com/advisories/33120 Vendor Advisory
http://www.securityfocus.com/bid/32770
http://www.vupen.com/english/advisories/2008/3408
https://exchange.xforce.ibmcloud.com/vulnerabilities/47256
Configurations

Configuration 1

cpe:2.3:a:sun:java_system_portal_server:7.1:*:*:*:*:*:*:*
cpe:2.3:a:sun:java_system_portal_server:7.2:*:*:*:*:*:*:*
Information

Published : 2008-12-12 06:30

Updated : 2017-08-08 01:33

NVD link : CVE-2008-5549

Mitre link : CVE-2008-5549

Products Affected
No products.
CWE
CWE-264

NVD-CWE-noinfo