Oracle Java System Directory Server Multiple Remote Vulnerabilities Network Vulnerability

Summary

Oracle Java System Directory Server is prone to multiple remote vulnerabilities. These vulnerabilities can be exploited over the 'LDAP' and 'HTTP' protocols. Remote attackers can exploit these issues without authenticating. Successful exploits will allow attackers to exploit arbitrary code in the context of the vulnerable application or cause denial-of-service conditions. These vulnerabilities affect the following supported versions: 5.2, 6.0, 6.1, 6.2, 6.3, 6.3.1

Solution

Vendor updates are available. Please contact the vendor for more information.

References

http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2010.html
http://www.securityfocus.com/bid/39453
http://www.zerodayinitiative.com/advisories/ZDI-10-073/
http://www.zerodayinitiative.com/advisories/ZDI-10-074/
http://www.zerodayinitiative.com/advisories/ZDI-10-075/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0897

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe AIR Security Bypass Vulnerability Jan14 (Windows)
Adobe AIR Multiple Vulnerabilities -02 April 13 (Mac OS X)
Adobe AIR Multiple Vulnerabilities-01 Jan15 (Mac OS X)
Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Windows)
Adobe Air Multiple Vulnerabilities - November12 (Mac OS X)

Take action and discover your vulnerabilities