Heap-based Buffer Overflow in Sun Java System Web Server 7.0 on Linux
CVE-2010-0272

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Web Server
Vendor: CVE Published:; 8 January 2010

Summary

This vulnerability involves a heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 on Linux. It allows remote attackers to exploit crafted data sent to TCP port 80, potentially leading to the disclosure of sensitive process memory locations. Although this issue was initially reported without actionable information, it is tracked under a CVE identifier due to the credibility of the research behind it.

References

http://intevydis.com/sjws_demo.html

x_refsource_MISC

http://www.intevydis.com/blog/?p=102

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/55527

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jan 8, 2010
Vulnerability Reserved
Jan 8, 2010