← volver
CVE-2007-6672

CVE-2007-6672

EPSS 3.8%
Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://jira.codehaus.org/browse/JETTY-386#action_117699http://jira.codehaus.org/browse/JETTY/fixforversion/13950http://osvdb.org/39855http://secunia.com/advisories/28322http://secunia.com/advisories/28547http://www.igniterealtime.org/community/message/163752http://www.kb.cert.org/vuls/id/553235http://www.securityfocus.com/bid/27117http://www.vupen.com/english/advisories/2008/0079