7.1 High
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.028 Low
EPSS
Percentile
90.4%
Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 allows remote attackers to access arbitrary files via directory traversal sequences in the URI.
itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02282388
jira.codehaus.org/browse/JETTY-1004
secunia.com/advisories/34975
secunia.com/advisories/35143
secunia.com/advisories/35225
secunia.com/advisories/35776
secunia.com/advisories/40553
www.kb.cert.org/vuls/id/402580
www.kb.cert.org/vuls/id/CRDY-7RKQCY
www.oracle.com/technetwork/topics/security/cpujul2009-091332.html
www.securityfocus.com/bid/34800
www.securityfocus.com/bid/35675
www.securitytracker.com/id?1022563
www.vupen.com/english/advisories/2009/1900
www.vupen.com/english/advisories/2010/1792
bugzilla.redhat.com/show_bug.cgi?id=499867
www.redhat.com/archives/fedora-package-announce/2009-May/msg01257.html
www.redhat.com/archives/fedora-package-announce/2009-May/msg01259.html
www.redhat.com/archives/fedora-package-announce/2009-May/msg01262.html