Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2007-6672

Published: 08/01/2008 Updated: 30/10/2012
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Jetty

Vulnerability Summary

Mortbay Jetty 6.1.5 and 6.1.6 allows remote malicious users to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI.

Vulnerable Product Search on Vulmon Subscribe to Product

mortbay jetty jetty 6.1.6

mortbay jetty jetty 6.1.5

Vendor Advisories

Debian CVElist Bug Report Logs: jetty5: CVE-2007-6672 unauthorized disclosure of information
Debian Bug report logs - #462793 jetty5: CVE-2007-6672 unauthorized disclosure of information Package: jetty; Maintainer for jetty is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Nico Golde <nion@debianorg> Date: Sun, 27 Jan 2008 15:27:01 UTC Severity: grave Tags: security D ...

References

CWE-22http://jira.codehaus.org/browse/JETTY-386#action_117699http://jira.codehaus.org/browse/JETTY/fixforversion/13950http://www.kb.cert.org/vuls/id/553235http://www.securityfocus.com/bid/27117http://secunia.com/advisories/28322http://www.igniterealtime.org/community/message/163752http://secunia.com/advisories/28547http://www.vupen.com/english/advisories/2008/0079http://osvdb.org/39855https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=462793https://nvd.nist.govhttps://www.kb.cert.org/vuls/id/553235
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code executionCVE-2024-34909CVE-2024-3317SSTICVE-2024-3400CVE-2024-30051wirelessCVE-2024-4622CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook