SUN » Java System Web Server : Security Vulnerabilities, CVEs, Published In 2010 (Denial of service) CVSS score >= 5

CVE-2010-0389

The admin server in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP request that lacks a method token.
Max CVSS
5.0
EPSS Score
0.28%
Published
2010-01-25
Updated
2010-01-31

CVE-2010-0388

Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in the encoding attribute of the XML declaration in a PROPFIND request.
Max CVSS
7.5
EPSS Score
91.30%
Published
2010-01-25
Updated
2017-08-17

CVE-2010-0387

Multiple heap-based buffer overflows in (1) webservd and (2) the admin server in Sun Java System Web Server 7.0 Update 7 allow remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via a long string in an "Authorization: Digest" HTTP header.
Max CVSS
7.5
EPSS Score
94.82%
Published
2010-01-25
Updated
2017-08-17

CVE-2010-0361

Public exploit
Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via a long URI in an HTTP OPTIONS request.
Max CVSS
10.0
EPSS Score
95.11%
Published
2010-01-20
Updated
2011-04-28
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close