Security Vulnerability in the Sun Java System Content Delivery Server May Allow Unauthorized Data Access


Category :Security
Release Phase :Resolved
Product :Sun Java System Content Delivery Server 5.0
Sun Java System Content Delivery Server 2004Q1  
Bug Id :6462140  
Date of Resolved Release :24-AUG-2006 


Impact

A security vulnerability in the Sun Java System Content Delivery Server may allow a local or remote unprivileged user to read data from any file on the system.


Contributing Factors

This issue can occur in the following releases:

SPARC Platform

  • Sun Java System Content Delivery Server 4.0 and 4.1 (for Solaris 9) without patch 4.0_2004Q1_IR9_P1
  • Sun Java System Content Delivery Server 5.0 (for Solaris 9 and 10) without patch 5.0_2005Q4_IR2_P1

x86 Platform

  • Sun Java System Content Delivery Server 4.0 and 4.1 (for Solaris 9) without patch 4.0_2004Q1_IR9_P1
  • Sun Java System Content Delivery Server 5.0 (for Solaris 9 and 10) without patch 5.0_2005Q4_IR2_P1

Hewlett-Packard HP-UX 11i

  • Sun Java System Content Delivery Server 4.0 and 4.1 without patch 4.0_2004Q1_HP_P1

Symptoms

There are no symptoms that would indicate the described issue has occurred.


Workaround

Please see the Resolution section below.


Resolution

This issue is addressed in the following releases:

SPARC Platform

  • Sun Java System Content Delivery Server 4.0 and 4.1 (for Solaris 9) with patch 4.0_2004Q1_IR9_P1
  • Sun Java System Content Delivery Server 5.0 (for Solaris 9 and 10) with patch 5.0_2005Q4_IR2_P1

x86 Platform

  • Sun Java System Content Delivery Server 4.0 and 4.1 (for Solaris 9) with patch 4.0_2004Q1_IR9_P1
  • Sun Java System Content Delivery Server 5.0 (for Solaris 9 and 10) with patch 5.0_2005Q4_IR2_P1

Hewlett-Packard HP-UX 11i

  • Sun Java System Content Delivery Server 4.0 and 4.1 with patch 4.0_2004Q1_HP_P1

Note: Please contact your Sun Representative for this product to acquire the appropriate patch.






Attachments
This solution has no attachment
 
Sun support customers:
more support information is available after you sign in.
 
»   Login
»   Register
»   Lost UserName/Password
 
Login Required

You must login and have a valid contract to access Sun's Premium content which includes:

  • Sun Alerts
  • Bugs
  • Patches
  • Solutions
  • White Papers
  • Documentation
  • Support Knowledge

Login Required

You must login and have a valid contract to access Sun's contracted features

Access Legend:

(Login to access)   Sun Contracted Content
(Login to access)   Sun Contracted Feature

Please make use of SunSolve Feedback application by selecting the floating [+] to provide feedback about this specific document.

Search
Article Details
Article ID : 201090
Article Type : Sun Alert
Last reviewed : 2006-09-11
Audience : PUBLIC
Keywords :
Provide feedback  (help)
Page Tools
»  Print This Page
»  Email This Article
»  Bookmark This Article
Security Support
»   Security Center
»   Report Security Vulnerabilities
»   Security PGP Key
»   Sun Alert Notifications - RSS Feeds
»   Sun Alert Notifications - eNewsletter
»   Solaris Fingerprint Database
 
SunSolve Navigation
»   Forums for contracted customers
»   Licenses
»   Log a Service Request
»   Patches and Updates
»   Product Download Center
»   SunSystem Handbook
»   SunSolve Japan
SunSolve Feedback, Help and Updates
»   Blog
»   Community
»   Feedback
»   Help
»   Learn about SunSolve
»   Twitter
Contact About Sun News & Events Employment Site Map Privacy Terms of Use Trademarks Copyright Sun Microsystems, Inc. | SunSolve Version 7.4.0 #1