Heap-based Buffer Overflow in Sun Java System Web Server 7.0 on Linux
CVE-2010-0272

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Web Server
Vendor: CVE Published:; 8 January 2010

What is CVE-2010-0272?

This vulnerability involves a heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 on Linux. It allows remote attackers to exploit crafted data sent to TCP port 80, potentially leading to the disclosure of sensitive process memory locations. Although this issue was initially reported without actionable information, it is tracked under a CVE identifier due to the credibility of the research behind it.

References

http://intevydis.com/sjws_demo.html

x_refsource_MISC

http://www.intevydis.com/blog/?p=102

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/55527

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 8, 2010
Vulnerability Reserved
Jan 8, 2010

Oracle

What is CVE-2010-0272?

References

Timeline