CVE-2004-1350

5 documents5 sources

Severity

7.5HIGH

EPSS

25.4%

top 3.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Java System WEB Proxy Server

Timeline

PublishedOct 30

Latest updateApr 29

Description

Multiple buffer overflows in Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3.6 through 3.6 SP4 allow remote attackers to execute arbitrary code via unknown vectors, possibly CONNECT requests.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDsun/java_system_web_proxy_server3.6

Patches

Patch: secunia.com ↗Patch: securitytracker.com ↗Patch: www.osvdb.org ↗

🔴Vulnerability Details

GHSA

GHSA-jc9j-72j5-pw3x: Multiple buffer overflows in Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3↗2022-04-29

▶

CVEList

CVE-2004-1350: Multiple buffer overflows in Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3↗2005-01-19

▶

📋Vendor Advisories

Red Hat

namazu XSS flaw↗

▶

🕵️Threat Intelligence

Unit42

Threat Brief: Microsoft DNS Server Wormable Vulnerability CVE-2020-1350↗2020-07-21

▶