Heap-based Buffer Overflow in Sun Java System Web Proxy Server
CVE-2008-4541

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Web Proxy Server
Vendor: CVE Published:; 13 October 2008

Summary

The Sun Java System Web Proxy Server is impacted by a heap-based buffer overflow in its FTP subsystem. This vulnerability enables remote attackers to execute arbitrary code on the server by sending a specially crafted HTTP GET request. Effective exploitation of this security issue may lead to unauthorized actions being performed on the affected server, creating a serious risk for organizations utilizing this software.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45782

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/31691

vdb-entryx_refsource_BID

http://secunia.com/advisories/32227

third-party-advisoryx_refsource_SECUNIA

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 13, 2008
Vulnerability Reserved
Oct 13, 2008