All the vulnerabilites related to sun - secure_global_desktop
cve-2006-5201
Vulnerability from cvelistv5
Published
2006-10-09 18:00
Modified
2024-08-07 19:41
Severity ?
EPSS score ?
Summary
Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/22992 | third-party-advisory, x_refsource_SECUNIA | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://www.vupen.com/english/advisories/2006/3899 | vdb-entry, x_refsource_VUPEN | |
| http://www.vupen.com/english/advisories/2006/3960 | vdb-entry, x_refsource_VUPEN | |
| http://www.vupen.com/english/advisories/2006/3898 | vdb-entry, x_refsource_VUPEN | |
| http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm | x_refsource_CONFIRM | |
| http://secunia.com/advisories/22325 | third-party-advisory, x_refsource_SECUNIA | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://secunia.com/advisories/22204 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/22226 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.kb.cert.org/vuls/id/845620 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22992"
},
{
"name": "102657",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"name": "ADV-2006-3899",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"name": "ADV-2006-3960",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3960"
},
{
"name": "ADV-2006-3898",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3898"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"name": "22325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22325"
},
{
"name": "102648",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"name": "22204",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22204"
},
{
"name": "22226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22226"
},
{
"name": "VU#845620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-10-18T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22992"
},
{
"name": "102657",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"name": "ADV-2006-3899",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"name": "ADV-2006-3960",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3960"
},
{
"name": "ADV-2006-3898",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3898"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"name": "22325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22325"
},
{
"name": "102648",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"name": "22204",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22204"
},
{
"name": "22226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22226"
},
{
"name": "VU#845620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22992"
},
{
"name": "102657",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"name": "ADV-2006-3899",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"name": "ADV-2006-3960",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3960"
},
{
"name": "ADV-2006-3898",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3898"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"name": "22325",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22325"
},
{
"name": "102648",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"name": "22204",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22204"
},
{
"name": "22226",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22226"
},
{
"name": "VU#845620",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/845620"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5201",
"datePublished": "2006-10-09T18:00:00",
"dateReserved": "2006-10-09T00:00:00",
"dateUpdated": "2024-08-07T19:41:05.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4958
Vulnerability from cvelistv5
Published
2006-09-23 10:00
Modified
2024-08-07 19:32
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.20.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1016900 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29070 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/22037 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/446566/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/20276 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29303 | vdb-entry, x_refsource_XF | |
| http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555 | x_refsource_MISC | |
| http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm | x_refsource_CONFIRM | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-102650-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://securityreason.com/securityalert/1623 | third-party-advisory, x_refsource_SREASON | |
| http://www.vupen.com/english/advisories/2006/3739 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/20135 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016900"
},
{
"name": "sun-ssgd-unspecified-xss(29070)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29070"
},
{
"name": "22037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22037"
},
{
"name": "20060921 [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/446566/100/0/threaded"
},
{
"name": "20276",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20276"
},
{
"name": "sun-ssgd-xss(29303)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29303"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm"
},
{
"name": "102650",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102650-1"
},
{
"name": "1623",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1623"
},
{
"name": "ADV-2006-3739",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3739"
},
{
"name": "20135",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.20.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016900"
},
{
"name": "sun-ssgd-unspecified-xss(29070)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29070"
},
{
"name": "22037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22037"
},
{
"name": "20060921 [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/446566/100/0/threaded"
},
{
"name": "20276",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20276"
},
{
"name": "sun-ssgd-xss(29303)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29303"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm"
},
{
"name": "102650",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102650-1"
},
{
"name": "1623",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1623"
},
{
"name": "ADV-2006-3739",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3739"
},
{
"name": "20135",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20135"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4958",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.20.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016900",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016900"
},
{
"name": "sun-ssgd-unspecified-xss(29070)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29070"
},
{
"name": "22037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22037"
},
{
"name": "20060921 [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446566/100/0/threaded"
},
{
"name": "20276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20276"
},
{
"name": "sun-ssgd-xss(29303)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29303"
},
{
"name": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555",
"refsource": "MISC",
"url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm"
},
{
"name": "102650",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102650-1"
},
{
"name": "1623",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1623"
},
{
"name": "ADV-2006-3739",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3739"
},
{
"name": "20135",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20135"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4958",
"datePublished": "2006-09-23T10:00:00",
"dateReserved": "2006-09-22T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4959
Vulnerability from cvelistv5
Published
2006-09-23 10:00
Modified
2024-08-07 19:32
Severity ?
EPSS score ?
Summary
Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1016900 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29076 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/22037 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/446566/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555 | x_refsource_MISC | |
| http://securityreason.com/securityalert/1623 | third-party-advisory, x_refsource_SREASON | |
| http://www.vupen.com/english/advisories/2006/3739 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/20135 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016900"
},
{
"name": "sun-ssgd-script-information-disclosure(29076)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29076"
},
{
"name": "22037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22037"
},
{
"name": "20060921 [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/446566/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"
},
{
"name": "1623",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1623"
},
{
"name": "ADV-2006-3739",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3739"
},
{
"name": "20135",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016900"
},
{
"name": "sun-ssgd-script-information-disclosure(29076)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29076"
},
{
"name": "22037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22037"
},
{
"name": "20060921 [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/446566/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"
},
{
"name": "1623",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1623"
},
{
"name": "ADV-2006-3739",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3739"
},
{
"name": "20135",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20135"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016900",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016900"
},
{
"name": "sun-ssgd-script-information-disclosure(29076)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29076"
},
{
"name": "22037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22037"
},
{
"name": "20060921 [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446566/100/0/threaded"
},
{
"name": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555",
"refsource": "MISC",
"url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"
},
{
"name": "1623",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1623"
},
{
"name": "ADV-2006-3739",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3739"
},
{
"name": "20135",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20135"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4959",
"datePublished": "2006-09-23T10:00:00",
"dateReserved": "2006-09-22T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2006-09-23 10:07
Modified
2024-11-21 00:17
Severity ?
Summary
Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | secure_global_desktop | 3.42 | |
| sun | secure_global_desktop | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:secure_global_desktop:3.42:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "6DCA2744-A4A1-497D-A133-9D2B4E56BAF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:secure_global_desktop:4.0:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "D957237E-B27F-4830-94C9-4C2ACE107AD0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available."
},
{
"lang": "es",
"value": "Sun Secure Global Desktop (SSGD, tambi\u00e9n conocido como Tarantella) anterior a 4.3 permite a un atacante remoto obtener informaci\u00f3n sensible, incluyendo el nombre del servidor, versiones, y detalles de configuraci\u00f3n, a trav\u00e9s de vectores no especificados, posiblemente afecte a 1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, o (7) test-cgi. NOTA: Esta informaci\u00f3n esta basa en una informaci\u00f3n inicial. Los detalles ser\u00e1n actualizados cuando se encuentren disponibles."
}
],
"id": "CVE-2006-4959",
"lastModified": "2024-11-21T00:17:17.307",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-09-23T10:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22037"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1623"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016900"
},
{
"source": "cve@mitre.org",
"url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/446566/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20135"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/3739"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/446566/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/3739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29076"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-09-23 10:07
Modified
2024-11-21 00:17
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.20.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | secure_global_desktop | 3.42 | |
| sun | secure_global_desktop | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:secure_global_desktop:3.42:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "6DCA2744-A4A1-497D-A133-9D2B4E56BAF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:secure_global_desktop:4.0:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "D957237E-B27F-4830-94C9-4C2ACE107AD0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.20.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Sun Secure Global Desktop (SSGD, tambi\u00e9n conocido como Tarantella) anterior a 4.20.983 permite a un atacante remoto inyectar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s de vectores no especificados, posiblemente afecte a (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, o (7) test-cgi. NOTA: Esta informaci\u00f3n se basa sobre en una informaci\u00f3n b\u00e1sica. Los detalles ser\u00e1n puestos al d\u00eda cuando se encuentren disponibles."
}
],
"id": "CVE-2006-4958",
"lastModified": "2024-11-21T00:17:17.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-09-23T10:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22037"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1623"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016900"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102650-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/446566/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20135"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20276"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/3739"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29070"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102650-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/446566/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/3739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29303"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-10 04:06
Modified
2024-11-21 00:18
Severity ?
Summary
Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | nss | * | |
| sun | secure_global_desktop | * | |
| sun | staroffice | * | |
| sun | solaris | 9.0 | |
| sun | solaris | 10.0 | |
| sun | sunos | 5.8 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jre | 1.3.1 | |
| sun | jre | 1.3.1_2 | |
| sun | jre | 1.3.1_03 | |
| sun | jre | 1.3.1_04 | |
| sun | jre | 1.3.1_05 | |
| sun | jre | 1.3.1_06 | |
| sun | jre | 1.3.1_07 | |
| sun | jre | 1.3.1_08 | |
| sun | jre | 1.3.1_09 | |
| sun | jre | 1.3.1_10 | |
| sun | jre | 1.3.1_11 | |
| sun | jre | 1.3.1_12 | |
| sun | jre | 1.3.1_13 | |
| sun | jre | 1.3.1_14 | |
| sun | jre | 1.3.1_15 | |
| sun | jre | 1.3.1_16 | |
| sun | jre | 1.3.1_17 | |
| sun | jre | 1.3.1_18 | |
| sun | jre | 1.3.1_19 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2_1 | |
| sun | jre | 1.4.2_2 | |
| sun | jre | 1.4.2_3 | |
| sun | jre | 1.4.2_4 | |
| sun | jre | 1.4.2_5 | |
| sun | jre | 1.4.2_6 | |
| sun | jre | 1.4.2_7 | |
| sun | jre | 1.4.2_8 | |
| sun | jre | 1.4.2_9 | |
| sun | jre | 1.4.2_10 | |
| sun | jre | 1.4.2_11 | |
| sun | jre | 1.4.2_12 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | sdk | 1.3.1 | |
| sun | sdk | 1.3.1_01 | |
| sun | sdk | 1.3.1_01a | |
| sun | sdk | 1.3.1_02 | |
| sun | sdk | 1.3.1_03 | |
| sun | sdk | 1.3.1_04 | |
| sun | sdk | 1.3.1_05 | |
| sun | sdk | 1.3.1_06 | |
| sun | sdk | 1.3.1_07 | |
| sun | sdk | 1.3.1_08 | |
| sun | sdk | 1.3.1_09 | |
| sun | sdk | 1.3.1_10 | |
| sun | sdk | 1.3.1_11 | |
| sun | sdk | 1.3.1_12 | |
| sun | sdk | 1.3.1_13 | |
| sun | sdk | 1.3.1_14 | |
| sun | sdk | 1.3.1_15 | |
| sun | sdk | 1.3.1_16 | |
| sun | sdk | 1.3.1_17 | |
| sun | sdk | 1.3.1_18 | |
| sun | sdk | 1.3.1_19 | |
| sun | sdk | 1.4.2 | |
| sun | sdk | 1.4.2_1 | |
| sun | sdk | 1.4.2_2 | |
| sun | sdk | 1.4.2_3 | |
| sun | sdk | 1.4.2_4 | |
| sun | sdk | 1.4.2_5 | |
| sun | sdk | 1.4.2_6 | |
| sun | sdk | 1.4.2_7 | |
| sun | sdk | 1.4.2_8 | |
| sun | sdk | 1.4.2_9 | |
| sun | sdk | 1.4.2_10 | |
| sun | sdk | 1.4.2_11 | |
| sun | sdk | 1.4.2_12 | |
| sun | jsse | 1.0.3 | |
| sun | jsse | 1.0.3_01 | |
| sun | jsse | 1.0.3_02 | |
| sun | jsse | 1.0.3_03 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:nss:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2112B58-9424-4F9D-B37A-35C5FCCC7C31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:secure_global_desktop:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F8B9B9F-E485-4265-AD4F-470B32DF841F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E60B3BF-0114-4BB5-8C21-B2ABF713F7AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:*:*:*:sparc:*:*",
"matchCriteriaId": "BCA7836E-A936-4832-81A2-2D31F0642ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:10.0:*:*:*:*:sparc:*:*",
"matchCriteriaId": "907AE0E2-E467-433E-AEEF-BC05AE7AF95B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D57BC929-6C98-4F36-B31B-6B946F986D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*",
"matchCriteriaId": "59ED507D-AEF8-4631-A298-8BDA6D6E8CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7042B56E-349E-40F4-ADD7-DEF1E9D8E964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:*",
"matchCriteriaId": "0875E34D-8544-49B9-BAD9-8191CC103A07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:*",
"matchCriteriaId": "62E772B9-8E41-476F-81F5-87B41F1827A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE78463-2CE8-43C6-BB06-AA40C72B1A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:*",
"matchCriteriaId": "31A04480-92DF-49AD-9B36-7F1FCB29DE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FD0B72-683D-4FF6-BCF5-5DE85BF3064B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:*",
"matchCriteriaId": "F78CD4B5-4B1D-4128-8AEA-2F967C38C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:*",
"matchCriteriaId": "62CAA3E7-9D65-48F3-ACF7-9D705D94DE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:*",
"matchCriteriaId": "477C310B-50AD-4D40-8EDB-4A80F0BF321D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:*",
"matchCriteriaId": "60A1F526-6B28-47A3-8D2C-06CA067E9164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:*",
"matchCriteriaId": "17F09D9E-B04B-477E-86E6-E1B1F9650973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:*",
"matchCriteriaId": "6F929C59-9602-4962-95B4-4165D66E5935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B76949-9282-44D0-8075-74E482CE9A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B072DD-FC4F-4E07-9837-0E16017CA4AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:*",
"matchCriteriaId": "969BE4EC-4D13-4B74-8137-FA0F83F0FDC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:*",
"matchCriteriaId": "86408019-1B53-4AA8-9F05-47EBD0466EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:*",
"matchCriteriaId": "81F47561-F59C-4904-8E05-D8A9629405A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:*",
"matchCriteriaId": "FB067445-8EA5-460F-B625-C21251E5A8D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C075BC-607E-47A1-A32D-B912D2FA03BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:-:*:*:*:*:*:*",
"matchCriteriaId": "787DCE54-6991-4A1A-836B-3C46A02C7400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEAB662-644A-4D7B-8237-64142CF48724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9598A49-95F2-42DB-B92C-CD026F739B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "BED1009E-AE60-43A0-A0F5-38526EFCF423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*",
"matchCriteriaId": "D011585C-0E62-4233-85FA-F29A07D68DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*",
"matchCriteriaId": "F226D898-F0E8-41D8-BF40-54DE9FB5426D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9CCD1-A67D-4800-9EC5-6E1A0B0B76E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*",
"matchCriteriaId": "CE28C283-447A-4F83-B96B-69F96E663C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "D102063B-2434-4141-98E7-2DE501AE1728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "03B8CD03-CD31-4F4D-BA90-59435578A4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "41A994BF-1F64-480A-8AA5-748DDD0AB68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "88519F2D-AD06-4F05-BEDA-A09216F1B481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "AC728978-368D-4B36-B149-70473E92BD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5F0AD0F9-E797-4E16-95F3-C1AFDA557D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "167D85F7-0D94-49CC-8A5E-F5FAB00ADFBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*",
"matchCriteriaId": "34710306-D6CF-4D07-84BF-71A8839BE416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*",
"matchCriteriaId": "44B93DC8-6375-4B41-B9BC-F22F592C56B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*",
"matchCriteriaId": "87BF46A9-8E4A-4583-B35F-052FD481DF66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*",
"matchCriteriaId": "32B351BB-6CA6-4CEF-9F5D-ED47774FC676",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA40FCD-1D34-4C47-908F-697433236153",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*",
"matchCriteriaId": "00639A84-BD03-4BD9-A655-F806693DBC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*",
"matchCriteriaId": "14824B23-FF9F-4D6D-9D02-12B79BE346A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*",
"matchCriteriaId": "6493744C-A69D-4377-937E-85E7F5535EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*",
"matchCriteriaId": "C09019B1-B873-41CE-951E-4777F324729C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4209A0-E73F-4B5A-9925-B5D20F879455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*",
"matchCriteriaId": "297DF5AD-FC22-432B-AE6A-2B1E6CFE1BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*",
"matchCriteriaId": "BFB8516D-03C4-478D-AFE2-824867FDC739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*",
"matchCriteriaId": "F82AED17-FEC3-47D0-A395-26ACD07FBE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*",
"matchCriteriaId": "9630BC7B-9039-4FA6-86F8-5274783F3EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A6A15C-216A-42B1-84EF-B3D9A313D4A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*",
"matchCriteriaId": "EC39C819-9439-4029-8377-F6D58B3DFDFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*",
"matchCriteriaId": "A053DEF6-1317-4DA8-91D7-E1970DA62351",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*",
"matchCriteriaId": "F0DBFDD8-40AE-44F2-8F02-FB7A4FAE5235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0605FF-3DDC-4F3A-8171-F3A447E9C292",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*",
"matchCriteriaId": "801FF3B4-0729-4710-BFC2-4B078029944F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "002CA86D-3090-4C7A-947A-21CB5D1ADD98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6453C9-7EE0-4FFB-861D-C2D9416DCABA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*",
"matchCriteriaId": "89BF16DE-EEAB-4DA5-BFF1-7A0A58DE141F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDE253E-C8B6-4C1D-AECE-ABEA1A67306B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*",
"matchCriteriaId": "A56D9A60-F272-4D4C-A9DD-C93DAF783585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*",
"matchCriteriaId": "EF109CAA-E8D2-4BD7-BE7C-AF8B2A78672E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*",
"matchCriteriaId": "976F4ACB-3725-45B7-B2EF-DEE4B88254E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*",
"matchCriteriaId": "52BDD6A8-1611-4C3C-865D-6EDB5B9F8D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1F28FF-652A-4C89-9AC6-5E212F890811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "96A8C351-E9CD-431B-8B9D-712CA54C7213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "36888382-79C8-4C97-A654-C668CD68556F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "F34C99E6-F9F0-4EF3-8601-B47EAE3D7273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "A74DD08D-CEDB-460E-BED5-78F6CAF18BF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jsse:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "432EB8F8-52C0-4FF3-97E5-92F670DFEE29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jsse:1.0.3_01:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC8159F-4CB2-4A94-B7DF-4D7496EBA55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jsse:1.0.3_02:*:*:*:*:*:*:*",
"matchCriteriaId": "7D51B8BB-C05E-42A2-A6EC-87F73A3CDF98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jsse:1.0.3_03:*:*:*:*:*:*:*",
"matchCriteriaId": "516A74B2-CEE6-492D-8884-60CC3D5C70EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1."
},
{
"lang": "es",
"value": "M\u00faltiples paquetes sobre Sun Solaris, incluyendo (1) NSS; (2) Java JDK and JRE 5.0 Update 8 y anteriores, SDK y JRE 1.4.x hasta 1.4.2_12, y SDK y JRE 1.3.x hasta 1.3.1_19; (3) JSSE 1.0.3_03 y anteriores; (4) IPSec/IKE; (5) Secure Global Desktop; y (6) StarOffice, cuando se usa una llave RSA con un exponente 3, elimina el relleno PKCS-1 antes de generar un hash, lo cual permite a un atacante remoto falsificar una firma PKCS #1 v1.5 que esta firmada por una llave RSA y evita que estos productos verifiquen correctamente X.509 y otros certificados que utilicen PKCS #1."
}
],
"id": "CVE-2006-5201",
"lastModified": "2024-11-21T00:18:16.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-10T04:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22204"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22226"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22325"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22992"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3898"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22226"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3960"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}