Vulnerability Details CVE-2009-1219
Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allows remote attackers to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters in the tzid parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.133
EPSS Ranking 93.8%
CVSS Severity
CVSS v2 Score 5.0
References
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-255008-1
- http://www.coresecurity.com/content/sun-calendar-express
- http://www.securityfocus.com/archive/1/502320/100/0/threaded
- http://www.securityfocus.com/bid/34150
- http://www.vupen.com/english/advisories/2009/0905
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-255008-1
- http://www.coresecurity.com/content/sun-calendar-express
- http://www.securityfocus.com/archive/1/502320/100/0/threaded
- http://www.securityfocus.com/bid/34150
- http://www.vupen.com/english/advisories/2009/0905
Products affected by CVE-2009-1219
-
cpe:2.3:a:sun:java_system_calendar_server:6
-
cpe:2.3:a:sun:java_system_calendar_server:6.3
-
cpe:2.3:a:sun:one_calendar_server:6.0