Vulnerability CVE-2007-2881
Published: 2007-05-29   Modified: 2012-02-12

Description:
Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation.

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
SUN -> Java system web proxy server 

 References:
http://www.kb.cert.org/vuls/id/746889
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102927-1
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=536
http://www.vupen.com/english/advisories/2007/1957
http://xforce.iss.net/xforce/xfdb/34524
http://www.securitytracker.com/id?1018130
http://www.securityfocus.com/bid/24165
http://secunia.com/advisories/25405
Copyright 2024, cxsecurity.com

 

Back to Top