{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-10-09T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "sun-webproxy-ftp-bo(45782)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45782"}, {"name": "31691", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/31691"}, {"name": "32227", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32227"}, {"name": "1021038", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1021038"}, {"name": "ADV-2008-2781", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2781"}, {"name": "20081009 Sun Java Web Proxy Server FTP Resource Handling Heap-Based Buffer Overflow", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=747"}, {"name": "242986", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-242986-1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-4541", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "sun-webproxy-ftp-bo(45782)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45782"}, {"name": "31691", "refsource": "BID", "url": "http://www.securityfocus.com/bid/31691"}, {"name": "32227", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32227"}, {"name": "1021038", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1021038"}, {"name": "ADV-2008-2781", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2781"}, {"name": "20081009 Sun Java Web Proxy Server FTP Resource Handling Heap-Based Buffer Overflow", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=747"}, {"name": "242986", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-242986-1"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T10:17:09.876Z"}, "title": "CVE Program Container", "references": [{"name": "sun-webproxy-ftp-bo(45782)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45782"}, {"name": "31691", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/31691"}, {"name": "32227", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32227"}, {"name": "1021038", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1021038"}, {"name": "ADV-2008-2781", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2781"}, {"name": "20081009 Sun Java Web Proxy Server FTP Resource Handling Heap-Based Buffer Overflow", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=747"}, {"name": "242986", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-242986-1"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-4541", "datePublished": "2008-10-13T18:00:00", "dateReserved": "2008-10-13T00:00:00", "dateUpdated": "2024-08-07T10:17:09.876Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB8D89B7-2C74-4CDC-8708-D9FACC4DE7C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "927171C0-E754-4FC1-AA9F-6565ADE2B63D", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EECC7DD-79F8-4189-91C7-2E8F5AB6A50F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "A14869F3-76A8-4407-85C8-3D9764721EF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "18658A61-81D2-4FDD-8DB2-8222CCCF85C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "C0B02862-58BD-4D29-A2D1-3A7925FA8DDB", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "BE09D9A5-4A81-4771-9D1F-E74845537486", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp5:*:*:*:*:*:*", "matchCriteriaId": "B4B978A8-4D6D-4E1F-94FF-3ED6ECB584C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp6:*:*:*:*:*:*", "matchCriteriaId": "D03FFC6C-1CDB-49ED-B693-DC53D87118C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "9FA1C4E0-1EB0-4CDE-90D5-1A600BCBA93F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp1:*:*:*:*:*:*", "matchCriteriaId": "399B9003-1841-4F68-ABD9-EFAF8FDAFADC", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp2:*:*:*:*:*:*", "matchCriteriaId": "CE035EA8-4F06-4C14-9E27-8F1533D1433B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp3:*:*:*:*:*:*", "matchCriteriaId": "9D93A98A-39F3-44C7-9150-90C3892508C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp4:*:*:*:*:*:*", "matchCriteriaId": "D2B7A60C-89B5-4851-BE12-4196A6A4D616", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp5:*:*:*:*:*:*", "matchCriteriaId": "29307BC1-6FC6-4F82-9031-E7317B2AFE64", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp6:*:*:*:*:*:*", "matchCriteriaId": "1BAD5224-978C-4317-8FA2-FF56FF022E68", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "CC07AB3E-09D4-47B2-B065-8E5A73775982", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp1:*:*:*:*:*:*", "matchCriteriaId": "69CE3DFF-8BFD-45BF-BA2A-DB176BF17C38", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp2:*:*:*:*:*:*", "matchCriteriaId": "4DB543F2-7DC6-4EED-92D3-EBC12E70AC0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp3:*:*:*:*:*:*", "matchCriteriaId": "559B8C70-F680-4578-9E68-258D91B41E9F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp4:*:*:*:*:*:*", "matchCriteriaId": "C7C836B7-564C-4EAD-A9EF-FB41C0533238", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp5:*:*:*:*:*:*", "matchCriteriaId": "3C5C06DE-0800-4A43-BEC1-B38811660DC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp6:*:*:*:*:*:*", "matchCriteriaId": "511AEA73-AECF-4ECF-9690-03BF516875E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "97EB8961-9F4D-498D-B2C7-421175F8FE72", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp1:*:*:*:*:*:*", "matchCriteriaId": "CF2CB27C-5F5A-4057-9B47-61365F0658C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp2:*:*:*:*:*:*", "matchCriteriaId": "766DA0FE-CAA8-4946-A4AE-4E464D0D0D5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp3:*:*:*:*:*:*", "matchCriteriaId": "67DBCAEE-BC63-4C92-8A91-839F475FBB45", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp4:*:*:*:*:*:*", "matchCriteriaId": "13903015-75DD-4F12-9E9A-F12844CEA251", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp5:*:*:*:*:*:*", "matchCriteriaId": "C48458F0-E844-4654-B450-77E2BF97B047", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp6:*:*:*:*:*:*", "matchCriteriaId": "6CA00153-D1EF-44BE-9288-00D2358DA55F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "D9B4BC20-945E-4F5E-A850-AE9BC30119F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp1:*:*:*:*:*:*", "matchCriteriaId": "BDE95076-C3FF-41E0-A5A0-B70E779EAF77", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp2:*:*:*:*:*:*", "matchCriteriaId": "4435E1C4-BAD3-4902-A5F0-3C024CE78766", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp3:*:*:*:*:*:*", "matchCriteriaId": "982A6037-F163-4F48-9CF9-D07D37824565", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp4:*:*:*:*:*:*", "matchCriteriaId": "5FB0CAFB-AA1A-408D-9436-CFDAB6985FA9", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp5:*:*:*:*:*:*", "matchCriteriaId": "848A771F-CB1D-49BC-A1D7-48C31AA91590", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp6:*:*:*:*:*:*", "matchCriteriaId": "B976BD9A-CC17-40DD-A167-FB549460AA17", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.6:*:hp_ux:*:*:*:*:*", "matchCriteriaId": "84FAC4BC-5A3F-41E6-B881-1ABB00C8167D", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.6:*:linux:*:*:*:*:*", "matchCriteriaId": "61285CF6-F5BD-4C19-B288-1EF1A9AAFBA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.6:*:sparc:*:*:*:*:*", "matchCriteriaId": "ED09307B-02D6-4861-8FF6-5EEC4CE257FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.6:*:windows:*:*:*:*:*", "matchCriteriaId": "48DEE6A3-3EED-408A-BC93-85BAB1EA336C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.6:*:x86:*:*:*:*:*", "matchCriteriaId": "1C1A1FDC-6DF3-45CF-A4B7-3847429C6C8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "1F4F13A0-8097-4A06-9989-F33918FE8ADB", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:hp_ux:*:*:*:*:*", "matchCriteriaId": "1693ED80-2CE6-4536-A0EA-E7D0C24FDF10", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:linux:*:*:*:*:*", "matchCriteriaId": "FDB620CE-A4C0-4A49-8022-DA5FA40FFF3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:sparc:*:*:*:*:*", "matchCriteriaId": "4BCF42A1-BAB1-40C8-959F-0AC16B542577", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:windows:*:*:*:*:*", "matchCriteriaId": "82BBA16B-3F2F-49D3-99FC-4F3A45F1B68E", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:x86:*:*:*:*:*", "matchCriteriaId": "A0C6FF56-864E-408C-AFDE-68D6DC7C6880", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en el subsistema FTP en Sun Java System Web Proxy Server versiones 4.0 hasta 4.0.7, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una petici\u00f3n GET de HTTP dise\u00f1ada."}], "id": "CVE-2008-4541", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-10-13T20:00:02.307", "references": [{"source": "cve@mitre.org", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=747"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/32227"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1021038"}, {"source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-242986-1"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/31691"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2781"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45782"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=747"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/32227"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1021038"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-242986-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/31691"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2781"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45782"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}