VULHUB ™

When processing requests coded with the 'Chunked Encoding' mechanism, Sun ONE/iPlanet fails to properly calculate required buffer sizes. Consequently, several conditions may occur that have security implications. A remote attacker may craft a specially malformed session in order to overwrite the heap of the target system. It has been reported that a buffer overrun may occur. Exploitation of these conditions may result in the execution of arbitrary code or a denial of service attack.

When processing requests coded with the 'Chunked Encoding' mechanism, Sun ONE/iPlanet fails to properly calculate required buffer sizes. Consequently, several conditions may occur that have security implications. A remote attacker may craft a specially malformed session in order to overwrite the heap of the target system. It has been reported that a buffer overrun may occur. Exploitation of these conditions may result in the execution of arbitrary code or a denial of service attack.