Format String Vulnerability in Sun Java System Web Server 7.0
CVE-2010-0388

Currently unrated

Key Information:

Vendor: Oracle
CVE Published: 25 January 2010

Summary

A format string vulnerability exists in the WebDAV implementation of the Sun Java System Web Server 7.0 Update 6, allowing remote attackers to potentially crash the server daemon through specially crafted format string specifiers in the XML declaration of a PROPFIND request. This could lead to a denial of service, causing interruptions in service and affecting the overall stability of the web server. Remediation steps should be taken promptly to safeguard against this attack vector.
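As a stopgap until the server is patched, a filter in front of it can refuse PROPFIND bodies whose XML declaration does not match the XML 1.0 grammar, which has no place for a `%` character. The sketch below is an added example, not vendor code: the function names, the two sample bodies, the 512-byte window and the assumption of ASCII/UTF-8 bodies inspected at a reverse proxy are all illustrative.

```python
import re

WS = rb"[ \t\r\n]"

def _attr(name: bytes, value: bytes) -> bytes:
    # S name Eq quoted-value, accepting either quote style
    return (WS + b"+" + name + WS + b"*=" + WS
            + b'*(?:"' + value + b"\"|'" + value + b"')")

# XMLDecl per the XML 1.0 grammar: version, optional encoding, optional standalone.
XML_DECL = re.compile(
    rb"<\?xml" + _attr(b"version", rb"1\.[0-9]+")
    + b"(?:" + _attr(b"encoding", rb"[A-Za-z][A-Za-z0-9._-]*") + b")?"
    + b"(?:" + _attr(b"standalone", rb"(?:yes|no)") + b")?"
    + WS + rb"*\?>"
)

def declaration_status(body: bytes) -> str:
    """Classify the XML declaration as 'absent', 'ok' or 'malformed'."""
    head = body[:512]                      # a declaration is short; bound the work
    if head.startswith(b"\xef\xbb\xbf"):   # tolerate a UTF-8 byte order mark
        head = head[3:]
    # "<?xml-stylesheet" and similar are processing instructions, not declarations
    if not re.match(rb"<\?xml(?![A-Za-z0-9._:-])", head):
        return "absent"
    return "ok" if XML_DECL.match(head) else "malformed"

def should_reject(method: str, body: bytes) -> bool:
    """True when a PROPFIND carries a declaration outside the grammar."""
    return method.upper() == "PROPFIND" and declaration_status(body) == "malformed"

# Constructed sample bodies (not captured traffic).
PROPFIND_TAIL = b'\n<D:propfind xmlns:D="DAV:"><D:allprop/></D:propfind>'
GOOD = b'<?xml version="1.0" encoding="utf-8"?>' + PROPFIND_TAIL
BAD = b'<?xml version="1.0" encoding="utf-8%d"?>' + PROPFIND_TAIL

if __name__ == "__main__":
    for label, body in (("good", GOOD), ("bad", BAD)):
        print(label, declaration_status(body), should_reject("PROPFIND", body))
```

Because the check is an allowlist of the declaration grammar rather than a search for particular specifiers, it rejects any stray character in the declaration, not only `%`.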
