Lucene search

K
cve[email protected]CVE-2007-5366
HistoryOct 11, 2007 - 10:17 a.m.

CVE-2007-5366

2007-10-1110:17:00
CWE-22
web.nvd.nist.gov
29
tomcat
fujitsu
interstage
application server
cve-2007-5366
security
vulnerability

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

77.1%

The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application Server 7.0 through 9.0.0 and Interstage Apworks/Studio 7.0 through 9.0.0 allows remote attackers to obtain sensitive information (web root path) via unspecified vectors that trigger an error message, probably related to enabling the useCanonCaches Java Virtual Machine (JVM) option.

Affected configurations

NVD
Node
fujitsuinterstage_application_serverMatch7.0enterprise
OR
fujitsuinterstage_application_serverMatch7.0plus
OR
fujitsuinterstage_application_serverMatch7.0plus_developer
OR
fujitsuinterstage_application_serverMatch7.0.1enterprise
OR
fujitsuinterstage_application_serverMatch7.0.1plus
OR
fujitsuinterstage_application_serverMatch8.0.0enterprise
OR
fujitsuinterstage_application_serverMatch8.0.0standard_j
OR
fujitsuinterstage_application_serverMatch8.0.1enterprise
OR
fujitsuinterstage_application_serverMatch8.0.1standard_j
OR
fujitsuinterstage_application_serverMatch8.0.2enterprise
OR
fujitsuinterstage_application_serverMatch8.0.2standard_j
OR
fujitsuinterstage_application_serverMatch8.0.3enterprise
OR
fujitsuinterstage_application_serverMatch8.0.3standard_j
OR
fujitsuinterstage_application_serverMatch9.0enterprise
OR
fujitsuinterstage_application_serverMatch9.0standard_j
OR
fujitsuinterstage_application_serverMatch9.0aenterprise
OR
fujitsuinterstage_application_serverMatch9.0astandard_j
OR
fujitsuinterstage_apworksMatch7.0modelers_j
OR
fujitsuinterstage_apworksMatch8.0enterprise
OR
fujitsuinterstage_apworksMatch8.0standard_j
OR
fujitsuinterstage_studioMatch8.01enterprise
OR
fujitsuinterstage_studioMatch8.01standard_j
OR
fujitsuinterstage_studioMatch9.0enterprise
OR
fujitsuinterstage_studioMatch9.0standard_j

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

77.1%

Related for CVE-2007-5366