CVE-2007-1526

Published: Mar 20, 2007Modified: Apr 23, 2026

6.0

Vector

AV:N/AC:M/Au:S/C:P/I:P/A:P

Exploitability: 6.8 / Impact: 6.4

Source: NVD

Description

Sun Java System Web Server 6.1 before 20070314 allows remote authenticated users with revoked client certificates to bypass the Certificate Revocation List (CRL) authorization control and access secure web server instances running under an account different from that used for the admin server via unspecified vectors.

Affected (1)

Products: Sun: Java System Web Server

1 product

Java System Web Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sun Java System Web Server	Version 6.1

References (10)

http://osvdb.org/34074

Source: cve@mitre.org

http://secunia.com/advisories/24531

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102822-1

Source: cve@mitre.org

PatchVendor Advisory

http://www.securitytracker.com/id?1017777

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/0958

Source: cve@mitre.org

http://osvdb.org/34074

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/24531

Source: af854a3a-2127-422b-91ae-364da2661108

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102822-1

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securitytracker.com/id?1017777

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/0958

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.