CVE-2007-2881

3 documents3 sources

Severity

10.0CRITICAL

EPSS

69.1%

top 1.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Java System WEB Proxy Server

Timeline

PublishedMay 29

Latest updateMay 1

Description

Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDsun/java_system_web_proxy_server4.0.4

Patches

Patch: labs.idefense.com ↗Patch: sunsolve.sun.com ↗Patch: labs.idefense.com ↗

🔴Vulnerability Details

GHSA

GHSA-jm2g-5vc2-gxvp: Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4↗2022-05-01

▶

CVEList

CVE-2007-2881: Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4↗2007-05-29

▶