CVE-2007-1681

3 documents3 sources
Severity
7.5HIGH
EPSS
5.1%
top 10.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SUN Java WEB ConsoleSUN Solaris
Timeline
PublishedApr 19
Latest updateMay 1

Description

Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt, related to syslog.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDsun/java_web_console4 versions+3
NVDsun/solaris10.0

🔴Vulnerability Details

2
GHSA
GHSA-8292-4px4-h2x6: Format string vulnerability in libwebconsole_services2022-05-01
CVEList
CVE-2007-1681: Format string vulnerability in libwebconsole_services2007-04-19
CVE-2007-1681 (HIGH CVSS 7.5) | Format string vulnerability in libw | cvebase.io