Vulnerabilities > CVE-2006-2539 - Unspecified vulnerability in Sybase Easerver 5.0/5.2/5.3
Attack vector
LOCAL Attack complexity
HIGH Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, Linux x86, and Sun Solaris SPARC, and 5.3 for Sun Solaris SPARC does not properly protect passwords when they are being entered via the GUI, which allows local users to obtain the cleartext passwords via the getSelectedText function in javax.swing.JPasswordField component.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |