Vulnerability Description
Directory traversal vulnerability in idm/includes/helpServer.jsp in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to read arbitrary files in the filesystem of the IDM server via directory traversal sequences in the ext parameter.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sun | Java System Identity Manager | 6.0 |
Related Weaknesses (CWE)
References
- http://osvdb.org/49767
- http://secunia.com/advisories/32606Vendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-243386-1PatchVendor Advisory
- http://www.procheckup.com/Vulnerability_PR08-09.php
- http://www.securityfocus.com/archive/1/498487/100/0/threaded
- http://www.securityfocus.com/bid/32262Exploit
- http://www.securitytracker.com/id?1021170
- http://www.vupen.com/english/advisories/2008/3128Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46554
- http://osvdb.org/49767
- http://secunia.com/advisories/32606Vendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-243386-1PatchVendor Advisory
- http://www.procheckup.com/Vulnerability_PR08-09.php
- http://www.securityfocus.com/archive/1/498487/100/0/threaded
- http://www.securityfocus.com/bid/32262Exploit
FAQ
What is CVE-2008-5116?
CVE-2008-5116 is a vulnerability with a CVSS score of 7.8 (HIGH). Directory traversal vulnerability in idm/includes/helpServer.jsp in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to read arbitrary files in the filesystem...
How severe is CVE-2008-5116?
CVE-2008-5116 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5116?
Check the references section above for vendor advisories and patch information. Affected products include: Sun Java System Identity Manager.