Caucho Resin 3.1 Encoded Space %20 Request Path Disclosure

ID EDB-ID:30037
Type exploitdb
Reporter Derek Abdine
Modified 2007-05-15T00:00:00


Caucho Resin 3.1 Encoded Space (%20) Request Path Disclosure. CVE-2007-2441. Remote exploit for windows platform


Caucho Resin is prone to multiple information-disclosure vulnerabilities because it fails to adequately sanitize user-supplied data.

Attackers can exploit these issues to access potentially sensitive data that may aid in further attacks.

Resin 3.1.0 is vulnerable; other versions may also be affected.

NOTE: According to the application's 3.1.1 change log, these issues affect the server only when installed on Microsoft Windows.