CVE-2007-2441

medium

Description

Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to obtain the system path via certain URLs associated with (1) deploying web applications or (2) displaying .xtp files.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/34293

http://www.vupen.com/english/advisories/2007/1824

http://www.securitytracker.com/id?1018061

http://www.securityfocus.com/bid/23985

http://www.caucho.com/resin-3.1/changes/changes.xtp

http://secunia.com/advisories/25286

http://osvdb.org/36057

Details

Source: Mitre, NVD

Published: 2007-05-16

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N