CVE-2009-1084 Information

Description

Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not properly restrict access to the System Configuration object which allows remote authenticated administrators and possibly remote attackers to have an unspecified impact by modifying this object.

Reference

http://blogs.sun.com/security/entry/sun_alert_253267_sun_java http://secunia.com/advisories/34380 http://securitytracker.com/id?1021881 http://sunsolve.sun.com/search/document.do?assetkey=1-21-139010-06-1 http://sunsolve.sun.com/search/document.do?assetkey=1-21-140935-01-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-253267-1 http://www.securityfocus.com/bid/34191 http://www.vupen.com/english/advisories/2009/0797 https://exchange.xforce.ibmcloud.com/vulnerabilities/49607