CVE-2009-3878

Sun Java System Web Server 7.0 Update 6 - Buffer Overflow

Title source: llm

Description

Buffer overflow in Sun Java System Web Server 7.0 Update 6 has unspecified impact and remote attack vectors, as demonstrated by the vd_sjws module in VulnDisco Pack Professional 8.12. NOTE: as of 20091105, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

References (7)

[Various Sources] http://intevydis.com/vd-list.shtml

[Vendor Advisory] http://secunia.com/advisories/37115

[Various Sources] http://www.h-online.com/security/news/item/Alleged-critical-vulnerability-in-Sun-Java-System-Web-Server-839598.html

[Various Sources] http://www.intevydis.com/blog/?p=79

[Third Party Advisory, VDB Entry] http://www.osvdb.org/59497

[Vendor Advisory] http://www.vupen.com/english/advisories/2009/3024

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/54065

Scores

EPSS 0.0033

EPSS Percentile 55.7%

Classification

CWE

CWE-119

Status draft

Affected Products (1)

sun/java_system_web_server

Timeline

Published Nov 05, 2009

Tracked Since Feb 18, 2026