CVE-2008-4747

Published: Oct 27, 2008Modified: Apr 23, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

Unspecified vulnerability in the search feature in Sun Java System LDAP JDK before 4.20 allows context-dependent attackers to obtain sensitive information via unknown attack vectors related to the LDAP JDK library.

Affected (3)

Products: Sun: Java Access Manager

Sun

1 product

Java Access Manager

Configuration A

3 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Sun Java Access Manager	Version 6 2005q1
Sun Java Access Manager	Version 7.1
Sun Java Access Manager	Version 7 2005q4

Running on/with	Platform Versions
Sun Java System Ldap Jdk	Up to 4.19
Sun Java System Ldap Jdk	Up to 4.19
Sun Java System Ldap Jdk	Up to 4.19

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (12)

http://secunia.com/advisories/32327

Source: cve@mitre.org

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-242246-1

Source: cve@mitre.org

Patch

http://www.securityfocus.com/bid/31905

Source: cve@mitre.org

http://www.securitytracker.com/id?1021103

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/2916

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/46074

Source: cve@mitre.org

http://secunia.com/advisories/32327