ID CVE-2006-4353
Summary Unspecified vulnerability in Sun Java System Content Delivery Server 4.0, 4.1, and 5.0 allows local and remote attackers to read data from arbitrary files via unspecified vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:sun:java_system_content_delivery_server:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_content_delivery_server:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_content_delivery_server:4.1:*:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_content_delivery_server:4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_content_delivery_server:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_content_delivery_server:5.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 20-07-2017 - 01:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 19705
confirm http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
osvdb 28227
sectrack 1016751
secunia 21628
sunalert 102593
vupen ADV-2006-3390
xf sun-java-cds-information-disclosure(28570)
Last major update 20-07-2017 - 01:33
Published 25-08-2006 - 10:04
Last modified 20-07-2017 - 01:33
Back to Top