mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
107 lines
3.8 KiB
JSON
107 lines
3.8 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2009-1077",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The Change My Password implementation in the admin interface in Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not enforce the RequiresChallenge property setting, which allows remote authenticated users to change the passwords of other users, as demonstrated by changing the administrator's password."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-140936-01-1",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-140936-01-1"
|
|
},
|
|
{
|
|
"name": "253267",
|
|
"refsource": "SUNALERT",
|
|
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-253267-1"
|
|
},
|
|
{
|
|
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-137621-11-1",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-137621-11-1"
|
|
},
|
|
{
|
|
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-139010-06-1",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-139010-06-1"
|
|
},
|
|
{
|
|
"name": "1021881",
|
|
"refsource": "SECTRACK",
|
|
"url": "http://securitytracker.com/id?1021881"
|
|
},
|
|
{
|
|
"name": "34191",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/34191"
|
|
},
|
|
{
|
|
"name": "http://blogs.sun.com/security/entry/sun_alert_253267_sun_java",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://blogs.sun.com/security/entry/sun_alert_253267_sun_java"
|
|
},
|
|
{
|
|
"name": "ADV-2009-0797",
|
|
"refsource": "VUPEN",
|
|
"url": "http://www.vupen.com/english/advisories/2009/0797"
|
|
},
|
|
{
|
|
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-140935-01-1",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-140935-01-1"
|
|
},
|
|
{
|
|
"name": "34380",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/34380"
|
|
}
|
|
]
|
|
}
|
|
} |