CVE-2010-0388

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Web Server
Vendor: CVE Published:; 25 January 2010

Summary

Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in the encoding attribute of the XML declaration in a PROPFIND request.

References

http://www.securityfocus.com/bid/37910

vdb-entryx_refsource_BID

http://intevydis.blogspot.com/2010/01/sun-java-system-web...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/55812

vdb-entryx_refsource_XF

EPSS Score

76% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 25, 2010
Vulnerability Reserved
Jan 25, 2010