GeoServer Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2008-7227
PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even when it is handling an quotin memory bufferquot which prevents the reporting of a service exception with unknown impact and attack vectors.