CVE-2010-0361

SUN Java System Web Server - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via a long URI in an HTTP OPTIONS request.

Exploits (4)

metasploit WORKING POC GREAT
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/sun_jsws_dav_options.rb
exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotemultiple
https://www.exploit-db.com/exploits/16314
exploitdb WORKING POC
by dmc · c++remotewindows
https://www.exploit-db.com/exploits/14287
exploitdb WORKING POC
by dmc · c++remotewindows
https://www.exploit-db.com/exploits/14194

References (1)

Scores

EPSS 0.8839
EPSS Percentile 99.5%

Classification

CWE
CWE-119
Status draft

Affected Products (1)

sun/java_system_web_server

Timeline

Published Jan 20, 2010
Tracked Since Feb 18, 2026