← back
CVE-2007-6672

CVE-2007-6672

EPSS 3.8%
Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://jira.codehaus.org/browse/JETTY-386#action_117699http://jira.codehaus.org/browse/JETTY/fixforversion/13950http://osvdb.org/39855http://secunia.com/advisories/28322http://secunia.com/advisories/28547http://www.igniterealtime.org/community/message/163752http://www.kb.cert.org/vuls/id/553235http://www.securityfocus.com/bid/27117http://www.vupen.com/english/advisories/2008/0079