Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On (CDSSO) is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sun Java System Access Manager CDCServlet 组件信息泄露漏洞
Vulnerability Description
Sun Java System Access Manager 7.0 2005Q4 及 7.1的CDCServlet组件存在信息泄露漏洞。当 Cross Domain Single Sign On (CDSSO)被激活的时候, 不能保证"政策建议" 在客户端的正确显示, 这会允许远程攻击者通过未明向量获得敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A