CVE-2006-0819

Опубликовано: 13 мар. 2006

Источник: nvd

CVSS2: 7.8

EPSS Низкий

Описание

Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source code of JSP files via (1) dot, (2) space, (3) slash, or (4) NULL characters in the filename extension of an HTTP request.

Ссылки

http://secunia.com/advisories/18962
Patch
Vendor Advisory
http://secunia.com/secunia_research/2006-13/advisory
Patch
Vendor Advisory
http://securityreason.com/securityalert/576
http://securitytracker.com/id?1015779
http://www.osvdb.org/23836
http://www.securityfocus.com/archive/1/427478/100/0/threaded
http://www.securityfocus.com/bid/17123
http://www.vupen.com/english/advisories/2006/0937
https://exchange.xforce.ibmcloud.com/vulnerabilities/25178
http://secunia.com/advisories/18962
Patch
Vendor Advisory
http://secunia.com/secunia_research/2006-13/advisory
Patch
Vendor Advisory
http://securityreason.com/securityalert/576
http://securitytracker.com/id?1015779
http://www.osvdb.org/23836
http://www.securityfocus.com/archive/1/427478/100/0/threaded
http://www.securityfocus.com/bid/17123
http://www.vupen.com/english/advisories/2006/0937
https://exchange.xforce.ibmcloud.com/vulnerabilities/25178

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gnome:dwarf_http_server:1.3.2:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01118

Низкий

7.8 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-8g2c-p4h4-ff9v

github

почти 4 года назад