Published: 24/08/2002 Updated: 05/09/2008

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 510

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Blazix prior to 1.2.2 allows remote malicious users to read source code of JSP scripts or list restricted web directories via an HTTP request that ends in a (1) "+" or (2) "\" (backslash) character.

Vulnerable Product	Search on Vulmon	Subscribe to Product
desiderata software blazix 1.2.1
desiderata software blazix 1.2

source: wwwsecurityfocuscom/bid/5567/info Blazix is a freely available, open source web server written in Java It is available for Linux and Microsoft Windows operating systems Blazix does not properly handle some special characters when appended to requests By passing a special character with a request to the web server, it is possib ...

source: wwwsecurityfocuscom/bid/5566/info Blazix is a freely available, open source web server written in Java It is available for Linux and Microsoft Windows operating systems When a user passes a request to the web server that ends in either a plus (+) or backslash (\), the web server may react unpredictably This type of character a ...

NVD-CWE-Other http://archives.neohapsis.com/archives/bugtraq/2002-08/0259.html http://www.securityfocus.com/bid/5566 http://www.iss.net/security_center/static/9952.php http://www.securityfocus.com/bid/5567 https://nvd.nist.gov https://www.exploit-db.com/exploits/21752/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-1451

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect