CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
83.1%
Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attackers to overwrite memory locations in the heap, and discover the contents of memory locations, via a malformed HTTP TRACE request that includes a long URI and many empty headers, related to an βoverflow.β NOTE: this might overlap CVE-2010-0272 and CVE-2010-0273.
Vendor | Product | Version | CPE |
---|---|---|---|
sun | java_system_web_server | 7.0 | cpe:2.3:a:sun:java_system_web_server:7.0:update_7:*:*:*:*:*:* |