CVE-2008-7227

GeoServer <1.6.1, <1.7.0-beta1 - Unknown Impact

Title source: llm
STIX 2.1

Description

PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even when it is handling an "in memory buffer," which prevents the reporting of a service exception, with unknown impact and attack vectors.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/43266
Various Sources x_refsource_confirm
http://jira.codehaus.org/browse/GEOS-1747

Scores

EPSS 0.0093
EPSS Percentile 56.4%

Details

CWE
CWE-119
Status published
Products (13)
geoserver/geoserver 1.3.0 (7 CPE variants)
geoserver/geoserver 1.3.2
geoserver/geoserver 1.4.0 m0 (2 CPE variants)
geoserver/geoserver 1.5.0 beta2 (3 CPE variants)
geoserver/geoserver 1.5.1 (2 CPE variants)
geoserver/geoserver 1.5.2
geoserver/geoserver 1.5.3
geoserver/geoserver 1.6.0 (6 CPE variants)
geoserver/geoserver 1.7.0 beta1
geoserver/geoserver 3.0 beta3
... and 3 more
Published Sep 14, 2009
Tracked Since Feb 18, 2026