CVE-2004-1350
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
95.5%
Multiple buffer overflows in Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3.6 through 3.6 SP4 allow remote attackers to execute arbitrary code via unknown vectors, possibly CONNECT requests.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sun | java_system_web_proxy_server | 3.6 | cpe:2.3:a:sun:java_system_web_proxy_server:3.6:*:*:*:*:*:*:* |
| sun | java_system_web_proxy_server | 3.6 | cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp1:*:*:*:*:*:* |
| sun | java_system_web_proxy_server | 3.6 | cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp2:*:*:*:*:*:* |
| sun | java_system_web_proxy_server | 3.6 | cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp3:*:*:*:*:*:* |
| sun | java_system_web_proxy_server | 3.6 | cpe:2.3:a:sun:java_system_web_proxy_server:3.6:sp4:*:*:*:*:*:* |
References
secunia.com/advisories/13036/
securitytracker.com/id?1012005
sunsolve.sun.com/search/document.do?assetkey=1-26-57606-1&searchclause=security
www.auscert.org.au/render.html?it=4516
www.ciac.org/ciac/bulletins/p-027.shtml
www.kb.cert.org/vuls/id/964401
www.osvdb.org/displayvuln.php?osvdb_id=11304
www.pentest.co.uk/documents/ptl-2004-06.html
www.securityfocus.com/bid/11566
exchange.xforce.ibmcloud.com/vulnerabilities/17920
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
95.5%