CVE-2007-1681

Currently unrated

Key Information:

Vendor: Oracle
Status: Java Web Console
Vendor: CVE Published:; 19 April 2007

Summary

Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt, related to syslog.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/33731

vdb-entryx_refsource_XF

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://www.securitytracker.com/id?1017930

vdb-entryx_refsource_SECTRACK

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 19, 2007
Vulnerability Reserved
Mar 26, 2007