CVE-2008-2401

Опубликовано: 04 июн. 2008

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to append to arbitrary new or existing files via the first argument to a certain file that is included by multiple unspecified ASP applications.

Ссылки

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=705
http://secunia.com/advisories/30523
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238184-1
http://www.securitytracker.com/id?1020186
http://www.vupen.com/english/advisories/2008/1742/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42832
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=705
http://secunia.com/advisories/30523
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238184-1
http://www.securitytracker.com/id?1020186
http://www.vupen.com/english/advisories/2008/1742/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42832

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sun:java_active_server:4.0.2:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01572

Низкий

7.5 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-8p56-q7gm-rvhr

github

почти 4 года назад