Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, Linux x86, and Sun Solaris SPARC, and 5.3 for Sun Solaris SPARC does not properly protect passwords when they are being entered via the GUI, which allows local users to obtain the cleartext passwords via the getSelectedText function in javax.swing.JPasswordField component.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sybase EAServer JPasswordField口令 信息泄露漏洞
Vulnerability Description
Sybase EAServer(Enterprise Application Server)是美国Sybase公司的一款基于J2EE的、企业级的应用服务器。该服务器提供企业级Web Site、分布式和主从式架构的解决方案。 在UNIX和LINUX平台上的J2EE或Java GUI应用程序中使用口令字段时存在安全漏洞。 1 如果用户在GUI应用程序的口令提示对话框中输入了口令但没有点击"确定"或"输入"的话,就会保持口令对话框一直打开,因此其他可以物理访问机器的用户就可以访问所输入的口令。通过远程控制软件访
CVSS Information
N/A
Vulnerability Type
N/A