Description

PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even when it is handling an "in memory buffer," which prevents the reporting of a service exception, with unknown impact and attack vectors.

Remediation

References

CVE-2008-7227

Related Vulnerabilities

Microsoft SQL Server Other Vulnerability (CVE-2000-1088)

Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8052)

WordPress Plugin Timesheet by BestWebSoft Cross-Site Scripting (0.1.4)

e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-15901)

WordPress Plugin RSS Aggregator by Feedzy-Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator SQL Injection (4.4.2)

Severity

Medium

Classification

CVE-2008-7227 CWE-119

Tags

Missing Update Known Vulnerabilities