Description
Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation.
References (9)
Core 9
Core References
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1957
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34524
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25405
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/35841
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/746889
Patch vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102927-1
Patch third-party-advisory
x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=536
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1018130
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/24165
Scores
EPSS
0.6911
EPSS Percentile
98.7%
Details
Status
published
Products (1)
sun/java_system_web_proxy_server
< 4.0.4
Published
May 29, 2007
Tracked Since
Feb 18, 2026