CyberSec.Space Logo
Back to CVE Browser

CVE-2008-2404

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1880%
EPSS Percentile40.16th
PublishedJun 4, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field.

Affected Platforms (CPE)

πŸ“¦
Sun

Java Asp Server

<= 4.0.2
πŸ“¦
Sun

Java Asp Server

= 4.0

References & Advisories

πŸ”— http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=708
πŸ”— http://secunia.com/advisories/30523
πŸ”— http://sunsolve.sun.com/search/document.do?assetkey=1-66-238184-1
πŸ”— http://www.securitytracker.com/id?1020189
πŸ”— http://www.vupen.com/english/advisories/2008/1742/references
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/42830
πŸ”— http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=708
πŸ”— http://secunia.com/advisories/30523

Related Vulnerabilities

CVE-2008-240310.0

Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4...

CVE-2008-24017.5

The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to append to arbitrary new or e...

CVE-2008-24057.5

Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharact...

CVE-2008-24067.5

The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass ...