Format String Vulnerability in Sun Java Web Console
CVE-2007-1681

Currently unrated

Key Information:

Vendor: Oracle
Status: Java Web Console
Vendor: CVE Published:; 19 April 2007

What is CVE-2007-1681?

The format string vulnerability in libwebconsole_services.so within the Sun Java Web Console versions 2.2.2 through 2.2.5 enables remote attackers to exploit failed login attempts. This exploitation could lead to a denial of service (application crash), potential exposure of sensitive information, and may allow the execution of arbitrary code through unspecified vectors, particularly affecting syslog functionality.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/33731

vdb-entryx_refsource_XF

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://www.securitytracker.com/id?1017930

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Apr 19, 2007
Vulnerability Reserved
Mar 26, 2007

Oracle

What is CVE-2007-1681?

References

Timeline