StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when running on Windows, allows remote attackers to obtain source code of sensitive files via a request containing a trailing (1) space or (2) dot, which is not properly handled by XSP.
References
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2007-10-18 18:17
Updated : 2024-02-28 11:01
NVD link : CVE-2007-5473
Mitre link : CVE-2007-5473
CVE.ORG link : CVE-2007-5473
JSON object : View
Products Affected
mono
- mono
microsoft
- windows
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor