Description

PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even when it is handling an "in memory buffer," which prevents the reporting of a service exception, with unknown impact and attack vectors.

Remediation

References

CVE-2008-7227

Related Vulnerabilities

WordPress Plugin Gallery-Responsive Photo and Video Gallery by Limb Cross-Site Scripting (1.3.2)

Oracle Database Server CVE-2008-2592 Vulnerability (CVE-2008-2592)

MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-8286)

Drupal Core 9.3.x Cross-Site Scripting (9.3.0 - 9.3.18)

WordPress Plugin iubenda-All-in-one Compliance for GDPR/CCPA Cookie Consent + more Privilege Escalation (3.3.2)

Severity

Medium

Classification

CVE-2008-7227 CWE-119

Tags

Missing Update Known Vulnerabilities