1. CVE-Search
  2. CVE-2007-2881
ID CVE-2007-2881
Summary Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation.
References
Vulnerable Configurations
  • cpe:2.3:a:sun:java_system_web_proxy_server:-:*:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:-:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_web_proxy_server:3.6:*:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp1:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp1:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp10:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp10:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp2:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp2:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp3:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp3:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp4:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp4:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp5:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp5:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp6:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp6:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp7:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp7:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp8:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp8:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp9:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp9:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_web_proxy_server:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 29-07-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 24165
cert-vn VU#746889
idefense 20070525 Sun Java System Web Proxy Multiple Buffer Overflow Vulnerabilities
osvdb 35841
sectrack 1018130
secunia 25405
sunalert 102927
vupen ADV-2007-1957
xf sun-java-web-socks-bo(34524)
saint via4
bid 24165
description Sun Java System Web Proxy sockd buffer overflow
id web_proxy_sunone
osvdb 35841
title sun_java_proxy_sockd
type remote
Last major update 29-07-2017 - 01:31
Published 29-05-2007 - 20:30
Last modified 29-07-2017 - 01:31
Back to Top