Detections
Analytics
CVE-2008-2403
critical
Description
Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/42831
http://www.vupen.com/english/advisories/2008/1742/references
http://www.securitytracker.com/id?1020188
http://www.securityfocus.com/bid/29538
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238184-1
http://secunia.com/advisories/30523
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=707