Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Sun Subscribe
Filtered by product Java System Identity Server
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-0311 2 Ibm, Sun 4 Tivoli Access Manager For E-business, Java System Access Manager, Java System Identity Server and 1 more 2023-12-10 6.8 MEDIUM N/A
Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors.
CVE-2008-2945 1 Sun 2 Java System Access Manager, Java System Identity Server 2023-12-10 7.5 HIGH N/A
Sun Java System Access Manager 6.3 through 7.1 and Sun Java System Identity Server 6.1 and 6.2 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-2007-3715, CVE-2007-3716, and CVE-2007-4289.