CVE-2009-0609

EPSS 0.74%
Veröffentlicht 17.02.2009 17:30:06
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote attackers to cause a denial of service (JDBC backend outage) via crafted LDAP requests.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sun ≫ Java System Directory Server Version6.0 Updateenterprise

Sun ≫ Java System Directory Server Version6.1 Updateenterprise

Sun ≫ Java System Directory Server Version6.2 Updateenterprise

Sun ≫ Java System Directory Server Version6.3 Updateenterprise

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.74%	0.72

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/33923

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-21-125276-08-1

Patch

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-66-251086-1

Patch

Vendor Advisory

http://www.securityfocus.com/bid/33761

https://nvd.nist.gov/vuln/detail/CVE-2009-0609

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-0609

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-0609

EUVD