Format String Vulnerability in Sun Java Web Console
CVE-2007-1681

Currently unrated

Key Information:

Vendor

Oracle
Status
Java Web Console
Vendor
CVE Published:
19 April 2007

What is CVE-2007-1681?

The format string vulnerability in libwebconsole_services.so within the Sun Java Web Console versions 2.2.2 through 2.2.5 enables remote attackers to exploit failed login attempts. This exploitation could lead to a denial of service (application crash), potential exposure of sensitive information, and may allow the execution of arbitrary code through unspecified vectors, particularly affecting syslog functionality.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/33731
vdb-entryx_refsource_XF
http://sunsolve.sun.com/search/document.do?assetkey=1-26-...
vendor-advisoryx_refsource_SUNALERT
http://www.securitytracker.com/id?1017930
vdb-entryx_refsource_SECTRACK

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2007-1681 : Format String Vulnerability in Sun Java Web Console