Unrated severityNVD Advisory· Published Mar 25, 2009· Updated Jun 16, 2026
CVE-2009-1078
CVE-2009-1078
Description
Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not enforce the expected privilege requirements for (1) deleting audit policies and (2) modifying workflows, which allows remote authenticated users to have an unspecified impact.
Affected products
5cpe:2.3:a:sun:java_system_identity_manager:7.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:sun:java_system_identity_manager:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_identity_manager:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_identity_manager:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_identity_manager:8.0:*:*:*:*:*:*:*
- (no CPE)range: 7.0 - 8.0
Patches
Vulnerability mechanics
References
7- blogs.sun.com/security/entry/sun_alert_253267_sun_javanvdPatchVendor Advisory
- sunsolve.sun.com/search/document.donvdPatch
- sunsolve.sun.com/search/document.donvdPatchVendor Advisory
- www.securityfocus.com/bid/34191nvdExploitPatch
- secunia.com/advisories/34380nvdVendor Advisory
- www.vupen.com/english/advisories/2009/0797nvdVendor Advisory
- securitytracker.com/idnvd
News mentions
0No linked articles in our index yet.