CVE-2007-2881

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Web Proxy Server
Vendor: CVE Published:; 29 May 2007

Summary

Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation.

References

http://www.vupen.com/english/advisories/2007/1957

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/34524

vdb-entryx_refsource_XF

http://secunia.com/advisories/25405

third-party-advisoryx_refsource_SECUNIA

EPSS Score

68% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 29, 2007
Vulnerability Reserved
May 29, 2007