Vulnerability Description
Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sun | Java System Web Proxy Server | <= 4.0.4 |
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=536Patch
- http://osvdb.org/35841
- http://secunia.com/advisories/25405
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102927-1Patch
- http://www.kb.cert.org/vuls/id/746889US Government Resource
- http://www.securityfocus.com/bid/24165
- http://www.securitytracker.com/id?1018130
- http://www.vupen.com/english/advisories/2007/1957
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34524
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=536Patch
- http://osvdb.org/35841
- http://secunia.com/advisories/25405
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102927-1Patch
- http://www.kb.cert.org/vuls/id/746889US Government Resource
- http://www.securityfocus.com/bid/24165
FAQ
What is CVE-2007-2881?
CVE-2007-2881 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol ...
How severe is CVE-2007-2881?
CVE-2007-2881 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2881?
Check the references section above for vendor advisories and patch information. Affected products include: Sun Java System Web Proxy Server.