Buffer Overflow in Sun Java Active Server Pages Server
CVE-2008-2404

Currently unrated

Key Information:

Vendor: Oracle
Status: Java Asp Server
Vendor: CVE Published:; 4 June 2008

What is CVE-2008-2404?

A stack-based buffer overflow exists in the request handling process of Sun Java Active Server Pages Server prior to version 4.0.3. This vulnerability enables remote attackers to execute arbitrary code by exploiting an unspecified string field, leading to potential unauthorized access and control over the affected system. Given the nature of the flaw, it is critical for users to upgrade to the latest version to mitigate the risks associated with this security issue.

References

http://www.securitytracker.com/id?1020189

vdb-entryx_refsource_SECTRACK

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

https://exchange.xforce.ibmcloud.com/vulnerabilities/42830

vdb-entryx_refsource_XF

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 4, 2008
Vulnerability Reserved
May 22, 2008

Oracle

What is CVE-2008-2404?

References

EPSS Score

Timeline