Note: This is an archival copy of Security Sun Alert 200082 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000066.1.
Article ID : 1000066.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2007-01-04
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Security Vulnerability in the Sun Java System Content Delivery Server May Allow Unauthorized Viewing of Content Details



Category
Security

Release Phase
Resolved

Product
Sun Java System Content Delivery Server 5.0

Bug Id
6492538

Date of Resolved Release
05-JAN-2007

Impact

A security vulnerability in the Sun Java System Content Delivery Server may allow local or remote unprivileged users unauthorized access to content details.


Contributing Factors

This issue can occur in the following releases:

SPARC Platform

  • Sun Java System Content Delivery Server 5.0 and 5.0 PU1 (for Solaris 9 and 10) without patch 5.0_2005Q4_IR3_P5

Note: Sun Java System Content Delivery Server 4.0 and 4.1 are not impacted by this issue.


Symptoms

There are no predictable symptoms that would indicate the described issue has been exploited.


Workaround

There is no workaround.  Please see the Resolution section below.


Resolution

This issue is addressed in the following releases:

SPARC Platform

  • Sun Java System Content Delivery Server 5.0 and 5.0 PU1 (for Solaris 9 and 10) with patch 5.0_2005Q4_IR3_P6

Note: The patch that addresses this issue is available through normal support channels.















Attachments
This solution has no attachment