VYPR
Unrated severityNVD Advisory· Published Nov 18, 2008· Updated Jun 16, 2026

CVE-2008-5116

CVE-2008-5116

Description

Directory traversal vulnerability in idm/includes/helpServer.jsp in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to read arbitrary files in the filesystem of the IDM server via directory traversal sequences in the ext parameter.

Affected products

8
  • cpe:2.3:a:sun:java_system_identity_manager:6.0:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:sun:java_system_identity_manager:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_identity_manager:6.0:sp1:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_identity_manager:6.0:sp2:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_identity_manager:6.0:sp3:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_identity_manager:6.0:sp4:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_identity_manager:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_identity_manager:7.1:*:*:*:*:*:*:*
    • (no CPE)range: 6.0 through 6.0 SP4, 7.0, and 7.1

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.