CVE-2007-2881

Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation.

Published: May 29, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-2881
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
sun / java_system_web_proxy_server	-	4.0.4.x

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=536
http://osvdb.org/35841
http://secunia.com/advisories/25405
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102927-1
http://www.kb.cert.org/vuls/id/746889
http://www.securityfocus.com/bid/24165
http://www.securitytracker.com/id?1018130
http://www.vupen.com/english/advisories/2007/1957
https://exchange.xforce.ibmcloud.com/vulnerabilities/34524

Vulnerability Database

CVE-2007-2881

Deep Security Visibility Without the Complexity