7.5

CVE-2007-1681

Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt, related to syslog.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SunJava Web Console Version2.2.2 Editionx86
SunJava Web Console Version2.2.3 Editionx86
SunJava Web Console Version2.2.4 Editionx86
SunJava Web Console Version2.2.5 Editionx86
SunSolaris Version10.0 Editionx86
SunSolaris Version10.0 Updatehw2
SunJava Web Console Version2.2.2 Editionx86
SunJava Web Console Version2.2.3 Editionx86
SunJava Web Console Version2.2.4 Editionx86
SunJava Web Console Version2.2.5 Editionx86
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.72% 0.907
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://osvdb.org/34902
http://secunia.com/advisories/24927
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102854-1
Vendor Advisory
http://www.nruns.com/security_advisory_sun_java_format_string.php
http://www.securityfocus.com/archive/1/466048/100/0/threaded
http://www.securityfocus.com/bid/23539
http://www.securitytracker.com/id?1017930
http://www.vupen.com/english/advisories/2007/1443
https://exchange.xforce.ibmcloud.com/vulnerabilities/33731
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1252