CVE-2008-7227
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
14/09/2009
Last modified:
09/04/2025
Description
PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even when it is handling an "in memory buffer," which prevents the reporting of a service exception, with unknown impact and attack vectors.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:geoserver:geoserver:*:beta4:*:*:*:*:*:* | 1.6.0 (including) | |
| cpe:2.3:a:geoserver:geoserver:1.3.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:geoserver:geoserver:1.3.0:beta:*:*:*:*:*:* | ||
| cpe:2.3:a:geoserver:geoserver:1.3.0:pr1:*:*:*:*:*:* | ||
| cpe:2.3:a:geoserver:geoserver:1.3.0:rc2:*:*:*:*:*:* | ||
| cpe:2.3:a:geoserver:geoserver:1.3.0:rc4:*:*:*:*:*:* | ||
| cpe:2.3:a:geoserver:geoserver:1.3.0:rc6:*:*:*:*:*:* | ||
| cpe:2.3:a:geoserver:geoserver:1.3.0:rc7:*:*:*:*:*:* | ||
| cpe:2.3:a:geoserver:geoserver:1.3.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:geoserver:geoserver:1.4.0:m0:*:*:*:*:*:* | ||
| cpe:2.3:a:geoserver:geoserver:1.4.0:m1:*:*:*:*:*:* | ||
| cpe:2.3:a:geoserver:geoserver:1.5.0:beta2:*:*:*:*:*:* | ||
| cpe:2.3:a:geoserver:geoserver:1.5.0:rc3:*:*:*:*:*:* | ||
| cpe:2.3:a:geoserver:geoserver:1.5.0:rc4:*:*:*:*:*:* | ||
| cpe:2.3:a:geoserver:geoserver:1.5.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page