CVE-2009-1078

N/A Unknown

Published: March 25, 2009 Modified: April 23, 2026

Description

Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not enforce the expected privilege requirements for (1) deleting audit policies and (2) modifying workflows, which allows remote authenticated users to have an unspecified impact.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://blogs.sun.com/security/entry/sun_alert_253267_sun_java

Source: cve@mitre.org

Patch Vendor Advisory

http://secunia.com/advisories/34380

Source: cve@mitre.org

Vendor Advisory

http://securitytracker.com/id?1021881

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-21-140935-01-1

Source: cve@mitre.org

Patch

http://sunsolve.sun.com/search/document.do?assetkey=1-66-253267-1

Source: cve@mitre.org

Patch Vendor Advisory

http://www.securityfocus.com/bid/34191

Source: cve@mitre.org

Exploit Patch

http://www.vupen.com/english/advisories/2009/0797

Source: cve@mitre.org

Vendor Advisory

http://blogs.sun.com/security/entry/sun_alert_253267_sun_java