Unrated severityNVD Advisory· Published May 22, 2006· Updated Apr 16, 2026

CVE-2006-2539

Description

Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, Linux x86, and Sun Solaris SPARC, and 5.3 for Sun Solaris SPARC does not properly protect passwords when they are being entered via the GUI, which allows local users to obtain the cleartext passwords via the getSelectedText function in javax.swing.JPasswordField component.

Affected products

Sybase/Easerver3 versions
cpe:2.3:a:sybase:easerver:5.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:sybase:easerver:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:sybase:easerver:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:sybase:easerver:5.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/20145nvdPatchVendor Advisory
www.securityfocus.com/bid/18036nvdPatch
www.sybase.com/detailnvdPatch
www.vupen.com/english/advisories/2006/1869nvd
exchange.xforce.ibmcloud.com/vulnerabilities/26567nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000