CVE-2008-7227
PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even when it is handling an "in memory buffer," which prevents the reporting of a service exception, with unknown impact and attack vectors.
| Software | From | Fixed in |
|---|---|---|
| geoserver / geoserver | 1.3.0 | 1.3.0.x |
| geoserver / geoserver | 1.5.2 | 1.5.2.x |
| geoserver / geoserver | 1.5.0-rc4 | 1.5.0-rc4.x |
| geoserver / geoserver | 1.3.0-rc6 | 1.3.0-rc6.x |
| geoserver / geoserver | - | 1.6.0.x |
| geoserver / geoserver | 1.3.0-pr1 | 1.3.0-pr1.x |
| geoserver / geoserver | 1.5.3 | 1.5.3.x |
| geoserver / geoserver | 1.4.0-m1 | 1.4.0-m1.x |
| geoserver / geoserver | 1.6.0-beta1 | 1.6.0-beta1.x |
| geoserver / geoserver | 1.6.0-rc1 | 1.6.0-rc1.x |
| geoserver / geoserver | 1.5.1-rc1 | 1.5.1-rc1.x |
| geoserver / geoserver | 1.3.0-rc4 | 1.3.0-rc4.x |
| geoserver / geoserver | 1.3.0-rc7 | 1.3.0-rc7.x |
| geoserver / geoserver | 1.5.1 | 1.5.1.x |
| geoserver / geoserver | 1.6.0 | 1.6.0.x |
| geoserver / geoserver | 1.3.0-beta | 1.3.0-beta.x |
| geoserver / geoserver | 1.7.0-beta1 | 1.7.0-beta1.x |
| geoserver / geoserver | 1.5.0-rc3 | 1.5.0-rc3.x |
| geoserver / geoserver | 1.3.2 | 1.3.2.x |
| geoserver / geoserver | 3.0-beta3 | 3.0-beta3.x |
| geoserver / geoserver | 1.6.0-rc2 | 1.6.0-rc2.x |
| geoserver / geoserver | 1.6.0-beta2 | 1.6.0-beta2.x |
| geoserver / geoserver | 1.5.0-beta2 | 1.5.0-beta2.x |
| geoserver / geoserver | 1.4.0-m0 | 1.4.0-m0.x |
| geoserver / geoserver | 1.3.0-rc2 | 1.3.0-rc2.x |
| geoserver / geoserver | 1.6.0-rc3 | 1.6.0-rc3.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime