Denial of Service Vulnerability in Sun Calendar Express Web Server
CVE-2009-1219

Currently unrated

Key Information:

Vendor
Oracle
Status
One Calendar Server
Java System Calendar Server
Vendor
CVE Published:
1 April 2009

Summary

The Sun Calendar Express Web Server is susceptible to a denial of service vulnerability that could allow remote attackers to crash the service through multiple requests directed at the default URI. By exploiting the tzid parameter with specific alphabetic characters, adversaries can disrupt server operations, rendering the service unavailable to legitimate users. This flaw impacts versions of Sun ONE Calendar Server and Sun Java System Calendar Server, making it crucial for users to apply appropriate security measures.

References

http://www.vupen.com/english/advisories/2009/0905
vdb-entryx_refsource_VUPEN
http://sunsolve.sun.com/search/document.do?assetkey=1-26-...
vendor-advisoryx_refsource_SUNALERT
http://www.securityfocus.com/bid/34150
vdb-entryx_refsource_BID

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.