製品・ソフトウェアに関する情報

JVN脆弱性詳細

Sun Java System Web Server におけるバッファオーバーフローの脆弱性

Title	Sun Java System Web Server におけるバッファオーバーフローの脆弱性
Summary	Sun Java System Web Server には、バッファオーバーフローの脆弱性が存在します。
Possible impacts	不特定の影響を受ける可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	Nov. 5, 2009, midnight
Registration Date	Dec. 20, 2012, 7:28 p.m.
Last Update	Dec. 20, 2012, 7:28 p.m.

Affected System

サン・マイクロシステムズ

Sun Java System Web Server 7.0 Update 6

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2009-3878	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3878
National Vulnerability Database (NVD)
2	CVE-2009-3878	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3878

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-119	https://jvndb.jvn.jp/ja/cwe/CWE-119.html

ベンダー情報

No	Name	URL
Sun
1	Top Page	http://www.oracle.com/us/sun/index.htm

Change Log

No	Changed Details	Date of change
0	[2012年12月20日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2009-3878

Summary	Buffer overflow in Sun Java System Web Server 7.0 Update 6 has unspecified impact and remote attack vectors, as demonstrated by the vd_sjws module in VulnDisco Pack Professional 8.12. NOTE: as of 20091105, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
Summary	Desbordamiento de búfer en Sun Java System Web Server v7.0 Update 6 con impacto no especificado y vectores de ataque remoto, como se demuestra por el módulo vd_sjws en VulnDisco Pack Professional v8.12. NOTA: a la fecha 05/11/2009, no hay ninguna información para utilizar esta vulnerabilidad. Sin embargo debido a que el autor de VulnDisco es un investigador reputado, se ha asignado un identificador CVE con el fin de hacerle un seguimiento.
Publication Date	Nov. 6, 2009, 1:30 a.m.
Registration Date	Jan. 29, 2021, 1:25 p.m.
Last Update	April 23, 2026, 9:35 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than

Configuration2		or higher	or less	more than	less than
cpe:2.3:a:sun:java_system_web_server:7.0:update_6::::::

Related information, measures and tools

No	URL	refsource
1	http://intevydis.com/vd-list.shtml	cve@mitre.org
2	http://secunia.com/advisories/37115	cve@mitre.org
3	http://www.h-online.com/security/news/item/Alleged-critical-vulnerability-in-Sun-Java-System-Web-Server-839598.html	cve@mitre.org
4	http://www.intevydis.com/blog/?p=79	cve@mitre.org
5	http://www.osvdb.org/59497	cve@mitre.org
6	http://www.vupen.com/english/advisories/2009/3024	cve@mitre.org
7	https://exchange.xforce.ibmcloud.com/vulnerabilities/54065	cve@mitre.org
8	http://intevydis.com/vd-list.shtml	af854a3a-2127-422b-91ae-364da2661108
9	http://secunia.com/advisories/37115	af854a3a-2127-422b-91ae-364da2661108
10	http://www.h-online.com/security/news/item/Alleged-critical-vulnerability-in-Sun-Java-System-Web-Server-839598.html	af854a3a-2127-422b-91ae-364da2661108
11	http://www.intevydis.com/blog/?p=79	af854a3a-2127-422b-91ae-364da2661108
12	http://www.osvdb.org/59497	af854a3a-2127-422b-91ae-364da2661108
13	http://www.vupen.com/english/advisories/2009/3024	af854a3a-2127-422b-91ae-364da2661108
14	https://exchange.xforce.ibmcloud.com/vulnerabilities/54065	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-119	バッファエラー	https://cwe.mitre.org/data/definitions/118.html