Buffer overflow in Sun Java_system_web_server

CVE-2010-0272

Heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attackers to discover process memory locations via crafted data to TCP port 80, as demonstrated by the vd_sjws2 module in VulnDisco. NOTE: as of…

Vulnerability class: Buffer Overflow

EPSS: 0.025 (82.9th percentile) — read the EPSS interpretation.

Affected products

Sun Java_system_web_server — versions 7.0
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (vdb-entry, x_refsource_XF)