Vulnerabilities > CVE-2007-2441 - Information Disclosure vulnerability in Caucho Resin
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to obtain the system path via certain URLs associated with (1) deploying web applications or (2) displaying .xtp files.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | Caucho Resin 3.1 Encoded Space (%20) Request Path Disclosure. CVE-2007-2441. Remote exploit for windows platform |
id | EDB-ID:30037 |
last seen | 2016-02-03 |
modified | 2007-05-15 |
published | 2007-05-15 |
reporter | Derek Abdine |
source | https://www.exploit-db.com/download/30037/ |
title | Caucho Resin 3.1 Encoded Space %20 Request Path Disclosure |
References
- http://osvdb.org/36057
- http://secunia.com/advisories/25286
- http://www.caucho.com/resin-3.1/changes/changes.xtp
- http://www.rapid7.com/advisories/R7-0030.jsp
- http://www.securityfocus.com/bid/23985
- http://www.securitytracker.com/id?1018061
- http://www.vupen.com/english/advisories/2007/1824
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34293