Summary
Detail | |||
---|---|---|---|
Vendor | Sun | First view | 2007-12-28 |
Product | Java System Web Proxy Server | Last view | 2008-10-13 |
Version | 4.0.5 | Type | Application |
Update | sp6 | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:sun:java_system_web_proxy_server |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
10 | 2008-10-13 | CVE-2008-4541 | Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request. |
4.3 | 2007-12-28 | CVE-2007-6569 | Cross-site scripting (XSS) vulnerability in the View Error Log functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566246. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
50% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
49065 | Sun Java System Web Proxy Server FTP Subsystem Unspecified Remote Overflow |
40848 | Sun Java System Web Proxy Server View Error Log Functionality XSS |
OpenVAS Exploits
id | Description |
---|---|
2008-10-16 | Name : Sun Java System Web Proxy Server Two Vulnerabilities (Linux) File : nvt/gb_sun_java_web_porxy_svr_vuln_lin.nasl |
2008-10-16 | Name : Sun Java System Web Proxy Server Vulnerabilities (Win) File : nvt/gb_sun_java_web_porxy_svr_vuln_win.nasl |