Security Vulnerability in the Simple Authentication and Security Layer (SASL) Library Bundled with the Java Enterprise System (JES) may Allow Unprivileged Users to Crash Applications Using the sasl_encode64 Function
Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.
- Sun Solaris 9
- Sun Solaris 8
- Sun Solaris 10