Vulnerability Name:

CVE-2007-3225 (CCN-34859)

Assigned:2007-06-13
Published:2007-06-13
Updated:2017-07-29
Summary:Unspecified vulnerability in Sun Java System Directory Server (slapd) 6.0, and 5.2 with Patch 3 or 4, allows remote attackers to modify certain data via unknown vectors.
CVSS v3 Severity:4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:6.4 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N)
4.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:P)
3.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2007-3225

Source: OSVDB
Type: UNKNOWN
37246

Source: CCN
Type: SA25666
Sun Java System Directory Server Two Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
25666

Source: CCN
Type: SECTRACK ID: 1018255
Sun Java System Directory Server Lets Remote Users Modify Certain Data

Source: CCN
Type: Sun Alert ID: 102875
Security Vulnerability in Sun Java System Directory Server May Allow Unauthorized Data Modifications

Source: SUNALERT
Type: Patch, Vendor Advisory
102875

Source: CCN
Type: ASA-2007-270
Security Vulnerability in Sun Java System Directory Server May Allow Unauthorized Data Modifications (Sun 102875)

Source: CCN
Type: OSVDB ID: 37246
Sun Java System Directory Server (slapd) Unspecified Remote Data Manipulation

Source: BID
Type: UNKNOWN
24468

Source: CCN
Type: BID-24468
Sun Java System Directory Server Remote Unauthorized Access Vulnerability

Source: SECTRACK
Type: UNKNOWN
1018255

Source: VUPEN
Type: UNKNOWN
ADV-2007-2189

Source: XF
Type: UNKNOWN
sun-java-unspecified-unauthorized-access(34859)

Source: XF
Type: UNKNOWN
sun-java-unspecified-unauthorized-access(34859)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:sun:java_system_directory_server:5.2:*:*:*:*:*:*:*
  • OR cpe:/a:sun:java_system_directory_server:6.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:sun:java_system_directory_server:5.2:2005q1:*:*:*:*:*:*
  • OR cpe:/a:sun:java_system_directory_server:5.2:2005q4:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    sun java system directory server 5.2
    sun java system directory server 6.0
    sun java system directory server 5.2 2005q1
    sun java system directory server 5.2 2005q4