VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Oct 13, 2008· Updated Apr 23, 2026

CVE-2008-4541

CVE-2008-4541

Description

Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request.

Affected products

48
  • Sun Corporation/Java System Web Proxy Server48 versions
    cpe:2.3:a:sun:java_system_web_proxy_server:4.0:*:*:*:*:*:*:*+ 47 more
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp1:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp2:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp3:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp4:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp5:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp6:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp1:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp2:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp3:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp4:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp5:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp6:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp1:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp2:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp3:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp4:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp5:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp6:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp1:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp2:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp3:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp4:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp5:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp6:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp1:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp2:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp3:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp4:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp5:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp6:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.6:*:hp_ux:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.6:*:linux:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.6:*:sparc:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.6:*:windows:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.6:*:x86:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:hp_ux:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:linux:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:sparc:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:windows:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0.7:*:x86:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_proxy_server:4.0:sp1:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.