What is CVE-2004-2763?

CVE-2004-2763 is a vulnerability in Sun Iplanet_web_server, classified under CWE-16. Published 2009-06-01.

Is CVE-2004-2763 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Sun Iplanet_web_server

CVE-2004-2763

The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applic…

EPSS: 0.022 (80.0th percentile) — read the EPSS interpretation.

Affected products

Sun Iplanet_web_server — versions 4.1, 6.0
Sun One_web_server — versions 4.1, 6.0, 6.1
N/a — versions n/a

Weakness classification (CWE)

CWE-16

Public proof-of-concept exploits

References

cve@mitre.org (US Government Resource, x_refsource_CERT-VN, third-party-advisory)
cve@mitre.org (vendor-advisory, x_refsource_SUNALERT)
cve@mitre.org (Exploit, x_refsource_MISC)

Frequently asked questions

What is CVE-2004-2763?: CVE-2004-2763 is a vulnerability in Sun Iplanet_web_server, classified under CWE-16. Published 2009-06-01.
Is CVE-2004-2763 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.