CVE Vulnerability

CVE-2007-2881

Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=536 Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102927-1 Patch
http://www.kb.cert.org/vuls/id/746889 US Government Resource
http://www.securityfocus.com/bid/24165
http://www.securitytracker.com/id?1018130
http://secunia.com/advisories/25405
http://www.vupen.com/english/advisories/2007/1957
http://osvdb.org/35841
https://exchange.xforce.ibmcloud.com/vulnerabilities/34524
Configurations

Configuration 1

cpe:2.3:a:sun:java_system_web_proxy_server:*:*:*:*:*:*:*:*
Information

Published : 2007-05-29 08:30

Updated : 2017-07-29 01:31

NVD link : CVE-2007-2881

Mitre link : CVE-2007-2881

Products Affected
No products.
CWE
NVD-CWE-Other