Published: 31/12/2009 Updated: 14/02/2024

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

httpdx 1.4.4 and previous versions allows remote malicious users to obtain the source code for a web page by appending a . (dot) character to the URI.

Vulnerable Product	Search on Vulmon	Subscribe to Product
jasper httpdx 1.4.3
jasper httpdx
jasper httpdx 1.4

source: wwwsecurityfocuscom/bid/44141/info The 'httpdx' application is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input An attacker can exploit this vulnerability to view the source code of files in the context of the server process This may aid in further attacks Versions prio ...

CWE-200 http://packetstormsecurity.org/0910-exploits/httpdx-disclose.txt http://freetexthost.com/eiyfyt0km5 http://pocoftheday.blogspot.com/2009/10/httpdx-144-remote-arbitrary-source.html http://secunia.com/advisories/37013 http://www.osvdb.org/58857 https://exchange.xforce.ibmcloud.com/vulnerabilities/53733 https://nvd.nist.gov https://www.exploit-db.com/exploits/34846/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-4531

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect