Info

Disclosure

Aug 24, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Sun Java System Content Delivery Server contains a flaw that may allow a malicious user to read data from arbitrary file. No further details have been provided.

Classification

Location: Remote / Network Access
Attack Type: Information Disclosure
Impact: Loss of Confidentiality
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Sun Microsystems, Inc. has released patches to address this vulnerability.

Products

Sun Microsystems, Inc.	Java System Content Delivery Server	4.0
		4.1
		5.0

References

Security Tracker: 1016751
Bugtraq ID: 19705
CVE ID: 2006-4353 (see also: NVD)
Secunia Advisory ID: 21628
SCIP VulDB ID: 2491
ISS X-Force ID: 28570
VUPEN Advisory: ADV-2006-3390
Keyword: BugIDs: 6462140
Vendor Specific Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102593-1

Credit

Sun Microsystems, Inc. - Sun Microsystems, Inc.

Direct URL: http://osvdb.org/28227