PT-2004-1822 · Sun · Sun Java System Portal Server

Published

2004-07-23

Updated

2017-07-11

CVE-2004-0742

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Sun Java System Portal Server version 6.2

Description The issue allows remote authenticated users to gain Calendar Server privileges and modify Calendar data. This is achieved by changing the display options to a non-default view.

Recommendations For Sun Java System Portal Server version 6.2, consider restricting access to the display options feature to prevent unauthorized modification of Calendar data. As a temporary workaround, limit the ability of remote authenticated users to change display options to a non-default view until a fix is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-0742

Affected Products

Sun Java System Portal Server

PT-2004-1822 · Sun · Sun Java System Portal Server

CVE-2004-0742

Related Identifiers

Affected Products

References · 7