Lucene search

[email protected]CVE-2010-0273

HistoryJan 08, 2010 - 5:30 p.m.

CVE-2010-0273

2010-01-0817:30:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2010-0273

vulnerability

sun java system web server

linux

remote attackers

arbitrary code

tcp port 80

vulndisco

nvd

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.6%

JSON

Unspecified vulnerability in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attackers to execute arbitrary code by sending a process memory address and crafted data to TCP port 80, as demonstrated by the vd_sjws2 module in VulnDisco. NOTE: as of 20100106, this disclosure has no actionable information. However, because the VulnDisco author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

CPENameOperatorVersion
sun:java_system_web_serversun java system web servereq7.0

CPE	Name	Operator	Version
sun:java_system_web_server	sun java system web server	eq	7.0

References

intevydis.com/sjws_demo.html

www.intevydis.com/blog/?p=102

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.6%

JSON

Related for CVE-2010-0273

prion2 cvelist2 cve1 openvas4