Sun Java System Application Server (AS) 8.1 and 8.2 allows remote attackers to read the Web Application configuration files in the (1) WEB-INF or (2) META-INF directory via a malformed request.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:59
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/51604 - | |
References | () http://secunia.com/advisories/33725 - | |
References | () http://sunsolve.sun.com/search/document.do?assetkey=1-21-119166-35-1 - Patch | |
References | () http://sunsolve.sun.com/search/document.do?assetkey=1-66-245446-1 - Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/33397 - | |
References | () http://www.vupen.com/english/advisories/2009/0208 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/48161 - |
Information
Published : 2009-01-27 02:30
Updated : 2024-11-21 00:59
NVD link : CVE-2009-0278
Mitre link : CVE-2009-0278
CVE.ORG link : CVE-2009-0278
JSON object : View
Products Affected
sun
- java_system_application_server
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor