Stack-Based Buffer Overflows in Sun Java Web Proxy Server SOCKS Proxy
CVE-2007-2881

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Web Proxy Server
Vendor: CVE Published:; 29 May 2007

Summary

The SOCKS proxy support in Sun Java Web Proxy Server before version 4.0.5 is susceptible to multiple stack-based buffer overflow vulnerabilities. These flaws allow remote attackers to craft packets that exploit these vulnerabilities during the protocol negotiation phase, potentially leading to arbitrary code execution on the affected server.

References

http://www.vupen.com/english/advisories/2007/1957

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/34524

vdb-entryx_refsource_XF

http://secunia.com/advisories/25405

third-party-advisoryx_refsource_SECUNIA

EPSS Score

68% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 29, 2007
Vulnerability Reserved
May 29, 2007