Unrated severityNVD Advisory· Published Nov 18, 2008· Updated Jun 16, 2026
CVE-2008-5116
CVE-2008-5116
Description
Directory traversal vulnerability in idm/includes/helpServer.jsp in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to read arbitrary files in the filesystem of the IDM server via directory traversal sequences in the ext parameter.
Affected products
8cpe:2.3:a:sun:java_system_identity_manager:6.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:sun:java_system_identity_manager:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_identity_manager:6.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_identity_manager:6.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_identity_manager:6.0:sp3:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_identity_manager:6.0:sp4:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_identity_manager:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_identity_manager:7.1:*:*:*:*:*:*:*
- (no CPE)range: 6.0 through 6.0 SP4, 7.0, and 7.1
Patches
Vulnerability mechanics
References
9- sunsolve.sun.com/search/document.donvdPatchVendor Advisory
- www.securityfocus.com/bid/32262nvdExploit
- secunia.com/advisories/32606nvdVendor Advisory
- www.vupen.com/english/advisories/2008/3128nvdVendor Advisory
- osvdb.org/49767nvd
- www.procheckup.com/Vulnerability_PR08-09.phpnvd
- www.securityfocus.com/archive/1/498487/100/0/threadednvd
- www.securitytracker.com/idnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/46554nvd
News mentions
0No linked articles in our index yet.