Vulnerability Details CVE-2007-2881
Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.685
EPSS Ranking 98.5%
CVSS Severity
CVSS v2 Score 10.0
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=536
- http://osvdb.org/35841
- http://secunia.com/advisories/25405
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102927-1
- http://www.kb.cert.org/vuls/id/746889
- http://www.securityfocus.com/bid/24165
- http://www.securitytracker.com/id?1018130
- http://www.vupen.com/english/advisories/2007/1957
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34524
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=536
- http://osvdb.org/35841
- http://secunia.com/advisories/25405
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102927-1
- http://www.kb.cert.org/vuls/id/746889
- http://www.securityfocus.com/bid/24165
- http://www.securitytracker.com/id?1018130
- http://www.vupen.com/english/advisories/2007/1957
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34524
Products affected by CVE-2007-2881
-
cpe:2.3:a:sun:java_system_web_proxy_server:-
-
cpe:2.3:a:sun:java_system_web_proxy_server:3.6
-
cpe:2.3:a:sun:java_system_web_proxy_server:4.0
-
cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2
-
cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3
-
cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4