CVE-2009-1357: CVE-2009-1357

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-1357

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

CRLF injection vulnerability in da/DA/Login in Sun Java System Delegated Administrator 6.2 through 6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the HELP_PAGE parameter.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Sun Java System Delegated Administrator 'DA/Login'HTTP响应拆分漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Delegated Administrator允许在Sun Java通讯套件(如Messaging Server和Calendar Server)使用的LDAP目录中置备组织(域)、用户、组和资源。 Delegated Administrator的/da/DA/Login文件没有正确的过滤HELP_PAGE参数输入便返回给了用户。远程攻击者可以在提交的请求中包含任意HTTP头，该头会在响应中发送给用户，导致在用户浏览器会话中执行任意HTML和脚本代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2009-1357

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2009-1357

Please Login to view more intelligence information

http://www.coresecurity.com/content/sun-delegated-administratorx_refsource_MISC
http://sunsolve.sun.com/search/document.do?assetkey=1-21-121581-20-1x_refsource_CONFIRM
http://secunia.com/advisories/34760third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/53920vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/bid/34643vdb-entryx_refsource_BID
http://sunsolve.sun.com/search/document.do?assetkey=1-66-255928-1vendor-advisoryx_refsource_SUNALERT
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020305.1-1vendor-advisoryx_refsource_SUNALERT
http://securitytracker.com/id?1022108vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2009/1122vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/50004vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/502863/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2009-1357

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2009-1357

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2009-1357

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2009-1357

III. Intelligence Information for CVE-2009-1357

New Vulnerabilities

V. Comments for CVE-2009-1357

Leave a comment