Denial of Service Vulnerability in Sun Calendar Express Web Server
CVE-2009-1219

Currently unrated

Key Information:

Vendor: Oracle
Status: One Calendar Server; Java System Calendar Server
Vendor: CVE Published:; 1 April 2009

What is CVE-2009-1219?

The Sun Calendar Express Web Server is susceptible to a denial of service vulnerability that could allow remote attackers to crash the service through multiple requests directed at the default URI. By exploiting the tzid parameter with specific alphabetic characters, adversaries can disrupt server operations, rendering the service unavailable to legitimate users. This flaw impacts versions of Sun ONE Calendar Server and Sun Java System Calendar Server, making it crucial for users to apply appropriate security measures.

References

http://www.vupen.com/english/advisories/2009/0905

vdb-entryx_refsource_VUPEN

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://www.securityfocus.com/bid/34150

vdb-entryx_refsource_BID

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 1, 2009
Vulnerability Reserved
Apr 1, 2009

Oracle

What is CVE-2009-1219?

References

EPSS Score

Timeline