CVEブラウザに戻る

CVE-2009-1219

MEDIUM

5.0

CVSS Severity Score

EPSS Score0.1960%

EPSS Percentile22.06th

Published2009年4月1日

Last Modified2026年4月23日

Vulnerability Description

Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allows remote attackers to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters in the tzid parameter.

Affected Platforms (CPE)

📦

Sun

Java System Calendar Server

= 6

📦

Sun

Java System Calendar Server

= 6.3

📦

Sun

One Calendar Server

= 6.0

📦

Sun

Java System Calendar Server

= 6

📦

Sun

Java System Calendar Server

= 6.3

📦

Sun

One Calendar Server

= 6.0

📦

Sun

Java System Calendar Server

= 6

📦

Sun

Java System Calendar Server

= 6.3

📦

Sun

One Calendar Server

= 6.0

References & Advisories

🔗 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1

🔗 http://sunsolve.sun.com/search/document.do?assetkey=1-66-255008-1

🔗 http://www.coresecurity.com/content/sun-calendar-express

🔗 http://www.securityfocus.com/archive/1/502320/100/0/threaded

🔗 http://www.securityfocus.com/bid/34150

🔗 http://www.vupen.com/english/advisories/2009/0905

🔗 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256228-1

🔗 http://sunsolve.sun.com/search/document.do?assetkey=1-66-255008-1

関連する脆弱性情報

CVE-2004-074210.0

Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and mo...

CVE-2008-27497.1

Unspecified vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0, when access lo...

CVE-2009-12184.3

Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java...

CVE-2009-109510.0

Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6...