CVE-2006-2437

2006-05-1710:00:00

mitre

www.cve.org

6.8 Medium

AI Score

Confidence

Low

0.032 Low

EPSS

Percentile

91.3%

JSON

The viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote attackers to obtain the source code for file under the web root via the file parameter.

References

archives.neohapsis.com/archives/fulldisclosure/2006-05/0384.html

securityreason.com/securityalert/908

www.securityfocus.com/archive/1/434145

www.securityfocus.com/bid/18007

www.vupen.com/english/advisories/2006/1831