Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7227

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-7227
Last Modified 15 Sep 2009 12:00:00
Published 14 Sep 2009 10:30:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-7227

Summary

PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even when it is handling an "in memory buffer," which prevents the reporting of a service exception, with unknown impact and attack vectors.

Vulnerable Systems

Application

  • Geoserver 1.3.0

  • Geoserver 1.3.2

  • Geoserver 1.4.0

  • Geoserver 1.5.0

  • Geoserver 1.5.1

  • Geoserver 1.5.2

  • Geoserver 1.5.3

  • Geoserver 1.6.0

  • Geoserver 1.7.0

  • Geoserver 3.0


References

OSVDB - 43266

CONFIRM - http://jira.codehaus.org/browse/GEOS-1747


Last Updated: 27 May 2016 10:49:30