CVE-2009-1219

Sun Java System Calendar Server 6 2004Q2-6.3-7.01 - Denial of Service via tzid Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-1219. PoCs published by SCS team.

AI-analyzed exploit summary The exploit describes a denial-of-service vulnerability in Sun Java System Calendar Server caused by mishandling duplicate URI requests. The provided example URI can crash the server, but no actual exploit code is included.

Description

Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allows remote attackers to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters in the tzid parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by SCS team · textdosjava

https://www.exploit-db.com/exploits/32860

View Code ZIP pw:eip

The exploit describes a denial-of-service vulnerability in Sun Java System Calendar Server caused by mishandling duplicate URI requests. The provided example URI can crash the server, but no actual exploit code is included.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Theoretical

Target: Sun Java System Calendar Server 6.3

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK