CyberSec.Space Logo
返回 CVE 浏览器

CVE-2008-4541

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1430%
EPSS Percentile41.03th
Published2008年10月13日
Last Modified2026年4月23日

Vulnerability Description

Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request.

Affected Platforms (CPE)

📦
Sun

Java System Web Proxy Server

= 4.0
📦
Sun

Java System Web Proxy Server

= 4.0
📦
Sun

Java System Web Proxy Server

= 4.0.1
📦
Sun

Java System Web Proxy Server

= 4.0.1
📦
Sun

Java System Web Proxy Server

= 4.0.1
📦
Sun

Java System Web Proxy Server

= 4.0.1
📦
Sun

Java System Web Proxy Server

= 4.0.1
📦
Sun

Java System Web Proxy Server

= 4.0.1
📦
Sun

Java System Web Proxy Server

= 4.0.1
📦
Sun

Java System Web Proxy Server

= 4.0.2
📦
Sun

Java System Web Proxy Server

= 4.0.2
📦
Sun

Java System Web Proxy Server

= 4.0.2
📦
Sun

Java System Web Proxy Server

= 4.0.2
📦
Sun

Java System Web Proxy Server

= 4.0.2
📦
Sun

Java System Web Proxy Server

= 4.0.2
📦
Sun

Java System Web Proxy Server

= 4.0.2
📦
Sun

Java System Web Proxy Server

= 4.0.3
📦
Sun

Java System Web Proxy Server

= 4.0.3
📦
Sun

Java System Web Proxy Server

= 4.0.3
📦
Sun

Java System Web Proxy Server

= 4.0.3
📦
Sun

Java System Web Proxy Server

= 4.0.3
📦
Sun

Java System Web Proxy Server

= 4.0.3
📦
Sun

Java System Web Proxy Server

= 4.0.3
📦
Sun

Java System Web Proxy Server

= 4.0.4
📦
Sun

Java System Web Proxy Server

= 4.0.4
📦
Sun

Java System Web Proxy Server

= 4.0.4
📦
Sun

Java System Web Proxy Server

= 4.0.4
📦
Sun

Java System Web Proxy Server

= 4.0.4
📦
Sun

Java System Web Proxy Server

= 4.0.4
📦
Sun

Java System Web Proxy Server

= 4.0.4
📦
Sun

Java System Web Proxy Server

= 4.0.5
📦
Sun

Java System Web Proxy Server

= 4.0.5
📦
Sun

Java System Web Proxy Server

= 4.0.5
📦
Sun

Java System Web Proxy Server

= 4.0.5
📦
Sun

Java System Web Proxy Server

= 4.0.5
📦
Sun

Java System Web Proxy Server

= 4.0.5
📦
Sun

Java System Web Proxy Server

= 4.0.5
📦
Sun

Java System Web Proxy Server

= 4.0.6
📦
Sun

Java System Web Proxy Server

= 4.0.6
📦
Sun

Java System Web Proxy Server

= 4.0.6
📦
Sun

Java System Web Proxy Server

= 4.0.6
📦
Sun

Java System Web Proxy Server

= 4.0.6
📦
Sun

Java System Web Proxy Server

= 4.0.7
📦
Sun

Java System Web Proxy Server

= 4.0.7
📦
Sun

Java System Web Proxy Server

= 4.0.7
📦
Sun

Java System Web Proxy Server

= 4.0.7
📦
Sun

Java System Web Proxy Server

= 4.0.7
📦
Sun

Java System Web Proxy Server

= 4.0.7

References & Advisories

🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=747
🔗 http://secunia.com/advisories/32227
🔗 http://securitytracker.com/id?1021038
🔗 http://sunsolve.sun.com/search/document.do?assetkey=1-26-242986-1
🔗 http://www.securityfocus.com/bid/31691
🔗 http://www.vupen.com/english/advisories/2008/2781
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/45782
🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=747

相关漏洞威胁

CVE-2009-25977.8

The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server 4.0 allows remote attackers to cause a d...

CVE-2004-13507.5

Multiple buffer overflows in Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3.6 through 3.6 SP4 allow remote att...

CVE-2005-12327.5

Buffer overflow in Sun Java System Web Proxy Server (aka Sun ONE Proxy Server) 3.6 SP6 allows remote attackers to execute arbitrar...

CVE-2006-62766.8

HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used with Sun Java System Application S...