CVE-2005-4804

Unspecified vulnerability in Sun Java System Application Server Platform Edition and Enterprise Edition 8.1 2005 Q1, and Platform Edition UR1, allows remote attackers to read .jar files via unknown vectors related to deployed web applications.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/16802	Patch Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101905-1	Patch
http://www.ciac.org/ciac/bulletins/p-305.shtml	Patch
http://www.securityfocus.com/bid/14823	Patch
http://www.vupen.com/english/advisories/2005/1733
https://exchange.xforce.ibmcloud.com/vulnerabilities/22261

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sun:java_system_application_server:8.1::enterprise:::::
	cpe:2.3:a:sun:java_system_application_server:8.1::platform:::::
	cpe:2.3:a:sun:java_system_application_server:8.1:ur1:platform:::::*

History

No history.

Information

Published : 2005-12-31 05:00

Updated : 2023-12-10 10:28

NVD link : CVE-2005-4804

Mitre link : CVE-2005-4804

CVE.ORG link : CVE-2005-4804

JSON object : View

Products Affected

sun

java_system_application_server

CWE

NVD-CWE-Other

{"id": "CVE-2005-4804", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-12-31T05:00:00.000", "references": [{"url": "http://secunia.com/advisories/16802", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101905-1", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.ciac.org/ciac/bulletins/p-305.shtml", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/14823", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2005/1733", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22261", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Sun Java System Application Server Platform Edition and Enterprise Edition 8.1 2005 Q1, and Platform Edition UR1, allows remote attackers to read .jar files via unknown vectors related to deployed web applications."}], "lastModified": "2017-07-20T01:29:24.767", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sun:java_system_application_server:8.1:*:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9F68042-8C22-447E-8C6B-F44DEE5BF389"}, {"criteria": "cpe:2.3:a:sun:java_system_application_server:8.1:*:platform:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7659FD2B-6F83-44F1-B4A1-94D106B4C686"}, {"criteria": "cpe:2.3:a:sun:java_system_application_server:8.1:ur1:platform:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2A9B4B2-B844-411F-B4C7-9AC60C37A5A3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}