CVE-2004-1350

SUN Java System Web Proxy Server - Buffer Overflow

Title source: rule

Description

Multiple buffer overflows in Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3.6 through 3.6 SP4 allow remote attackers to execute arbitrary code via unknown vectors, possibly CONNECT requests.

References (10)

[Patch, Vendor Advisory] http://secunia.com/advisories/13036/

[Patch, Vendor Advisory] http://securitytracker.com/id?1012005

[Various Sources] http://www.auscert.org.au/render.html?it=4516

[Third Party Advisory, US Government Resource] http://www.ciac.org/ciac/bulletins/p-027.shtml

[US Government Resource] http://www.kb.cert.org/vuls/id/964401

[Patch, Vendor Advisory] http://www.osvdb.org/displayvuln.php?osvdb_id=11304

[Various Sources] http://www.pentest.co.uk/documents/ptl-2004-06.html

[Patch, Vendor Advisory] http://www.securityfocus.com/bid/11566

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/17920

[Vendor Advisory] http://sunsolve.sun.com/search/document.do?assetkey=1-26-57606-1&searchclause=security

Scores

EPSS 0.2541

EPSS Percentile 96.1%

Classification

Status draft

Affected Products (5)

sun/java_system_web_proxy_server

Timeline

Published Oct 30, 2004

Tracked Since Feb 18, 2026