Required CVE Record Information
Description
Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, Linux x86, and Sun Solaris SPARC, and 5.3 for Sun Solaris SPARC does not properly protect passwords when they are being entered via the GUI, which allows local users to obtain the cleartext passwords via the getSelectedText function in javax.swing.JPasswordField component.
References 5 Total
- secunia.com: 20145 third-party-advisory
- exchange.xforce.ibmcloud.com: sybase-easerver-jpasswordfield-obtain-info(26567) vdb-entry
- vupen.com: ADV-2006-1869 vdb-entry
- http://www.sybase.com/detail?id=1040665
- securityfocus.com: 18036 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- secunia.com: 20145 third-party-advisoryx_transferred
- exchange.xforce.ibmcloud.com: sybase-easerver-jpasswordfield-obtain-info(26567) vdb-entryx_transferred
- vupen.com: ADV-2006-1869 vdb-entryx_transferred
- http://www.sybase.com/detail?id=1040665 x_transferred
- securityfocus.com: 18036 vdb-entryx_transferred