{ "id": "CVE-2008-4541", "sourceIdentifier": "cve@mitre.org", "published": "2008-10-13T20:00:02.307", "lastModified": "2017-08-08T01:32:43.907", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request." }, { "lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en el subsistema FTP en Sun Java System Web Proxy Server versiones 4.0 hasta 4.0.7, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una petici\u00f3n GET de HTTP dise\u00f1ada." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 10.0 }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-119" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB8D89B7-2C74-4CDC-8708-D9FACC4DE7C3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "927171C0-E754-4FC1-AA9F-6565ADE2B63D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EECC7DD-79F8-4189-91C7-2E8F5AB6A50F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "A14869F3-76A8-4407-85C8-3D9764721EF0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "18658A61-81D2-4FDD-8DB2-8222CCCF85C9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "C0B02862-58BD-4D29-A2D1-3A7925FA8DDB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "BE09D9A5-4A81-4771-9D1F-E74845537486" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp5:*:*:*:*:*:*", "matchCriteriaId": "B4B978A8-4D6D-4E1F-94FF-3ED6ECB584C4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp6:*:*:*:*:*:*", "matchCriteriaId": "D03FFC6C-1CDB-49ED-B693-DC53D87118C9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "9FA1C4E0-1EB0-4CDE-90D5-1A600BCBA93F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp1:*:*:*:*:*:*", "matchCriteriaId": "399B9003-1841-4F68-ABD9-EFAF8FDAFADC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp2:*:*:*:*:*:*", "matchCriteriaId": "CE035EA8-4F06-4C14-9E27-8F1533D1433B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp3:*:*:*:*:*:*", "matchCriteriaId": "9D93A98A-39F3-44C7-9150-90C3892508C7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp4:*:*:*:*:*:*", "matchCriteriaId": "D2B7A60C-89B5-4851-BE12-4196A6A4D616" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp5:*:*:*:*:*:*", "matchCriteriaId": "29307BC1-6FC6-4F82-9031-E7317B2AFE64" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp6:*:*:*:*:*:*", "matchCriteriaId": "1BAD5224-978C-4317-8FA2-FF56FF022E68" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "CC07AB3E-09D4-47B2-B065-8E5A73775982" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp1:*:*:*:*:*:*", "matchCriteriaId": "69CE3DFF-8BFD-45BF-BA2A-DB176BF17C38" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp2:*:*:*:*:*:*", "matchCriteriaId": "4DB543F2-7DC6-4EED-92D3-EBC12E70AC0F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp3:*:*:*:*:*:*", "matchCriteriaId": "559B8C70-F680-4578-9E68-258D91B41E9F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp4:*:*:*:*:*:*", "matchCriteriaId": "C7C836B7-564C-4EAD-A9EF-FB41C0533238" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp5:*:*:*:*:*:*", "matchCriteriaId": "3C5C06DE-0800-4A43-BEC1-B38811660DC3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp6:*:*:*:*:*:*", "matchCriteriaId": "511AEA73-AECF-4ECF-9690-03BF516875E3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "97EB8961-9F4D-498D-B2C7-421175F8FE72" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp1:*:*:*:*:*:*", "matchCriteriaId": "CF2CB27C-5F5A-4057-9B47-61365F0658C8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp2:*:*:*:*:*:*", "matchCriteriaId": "766DA0FE-CAA8-4946-A4AE-4E464D0D0D5E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp3:*:*:*:*:*:*", "matchCriteriaId": "67DBCAEE-BC63-4C92-8A91-839F475FBB45" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp4:*:*:*:*:*:*", "matchCriteriaId": "13903015-75DD-4F12-9E9A-F12844CEA251" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp5:*:*:*:*:*:*", "matchCriteriaId": "C48458F0-E844-4654-B450-77E2BF97B047" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp6:*:*:*:*:*:*", "matchCriteriaId": "6CA00153-D1EF-44BE-9288-00D2358DA55F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "D9B4BC20-945E-4F5E-A850-AE9BC30119F2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp1:*:*:*:*:*:*", "matchCriteriaId": "BDE95076-C3FF-41E0-A5A0-B70E779EAF77" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp2:*:*:*:*:*:*", "matchCriteriaId": "4435E1C4-BAD3-4902-A5F0-3C024CE78766" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp3:*:*:*:*:*:*", "matchCriteriaId": "982A6037-F163-4F48-9CF9-D07D37824565" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp4:*:*:*:*:*:*", "matchCriteriaId": "5FB0CAFB-AA1A-408D-9436-CFDAB6985FA9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp5:*:*:*:*:*:*", "matchCriteriaId": "848A771F-CB1D-49BC-A1D7-48C31AA91590" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp6:*:*:*:*:*:*", "matchCriteriaId": "B976BD9A-CC17-40DD-A167-FB549460AA17" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.6:*:hp_ux:*:*:*:*:*", "matchCriteriaId": "84FAC4BC-5A3F-41E6-B881-1ABB00C8167D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.6:*:linux:*:*:*:*:*", "matchCriteriaId": "61285CF6-F5BD-4C19-B288-1EF1A9AAFBA8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.6:*:sparc:*:*:*:*:*", "matchCriteriaId": "ED09307B-02D6-4861-8FF6-5EEC4CE257FE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.6:*:windows:*:*:*:*:*", "matchCriteriaId": "48DEE6A3-3EED-408A-BC93-85BAB1EA336C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.6:*:x86:*:*:*:*:*", "matchCriteriaId": "1C1A1FDC-6DF3-45CF-A4B7-3847429C6C8C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "1F4F13A0-8097-4A06-9989-F33918FE8ADB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:hp_ux:*:*:*:*:*", "matchCriteriaId": "1693ED80-2CE6-4536-A0EA-E7D0C24FDF10" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:linux:*:*:*:*:*", "matchCriteriaId": "FDB620CE-A4C0-4A49-8022-DA5FA40FFF3B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:sparc:*:*:*:*:*", "matchCriteriaId": "4BCF42A1-BAB1-40C8-959F-0AC16B542577" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:windows:*:*:*:*:*", "matchCriteriaId": "82BBA16B-3F2F-49D3-99FC-4F3A45F1B68E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:x86:*:*:*:*:*", "matchCriteriaId": "A0C6FF56-864E-408C-AFDE-68D6DC7C6880" } ] } ] } ], "references": [ { "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=747", "source": "cve@mitre.org" }, { "url": "http://securitytracker.com/id?1021038", "source": "cve@mitre.org" }, { "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-242986-1", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/bid/31691", "source": "cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2008/2781", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45782", "source": "cve@mitre.org" } ] }