Lucene search

K

PRIOn knowledge basePRION:CVE-2009-1523

HistoryMay 05, 2009 - 5:30 p.m.

Directory traversal

2009-05-0517:30:00

PRIOn knowledge base

www.prio-n.com

7

7.1 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.028 Low

EPSS

Percentile

90.4%

Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 allows remote attackers to access arbitrary files via directory traversal sequences in the URI.

CPENameOperatorVersion
jettyeq1.0.1
jettyeq6.1.5
jettyeq6.1.0
jettyeq6.1.12 rc3
jettyeq4.2.25
jettyeq5.1.3 rc0
jettyeq6.0.0 beta14
jettyeq6.1.0 pre3
jettyeq1.3.1
jettyeq3.0.0-a3

Rows per page:

1-10 of 3321

References

itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02282388

jira.codehaus.org/browse/JETTY-1004

secunia.com/advisories/34975

secunia.com/advisories/35143

secunia.com/advisories/35225

secunia.com/advisories/35776

secunia.com/advisories/40553

www.kb.cert.org/vuls/id/402580

www.kb.cert.org/vuls/id/CRDY-7RKQCY

www.oracle.com/technetwork/topics/security/cpujul2009-091332.html

www.securityfocus.com/bid/34800

www.securityfocus.com/bid/35675

www.securitytracker.com/id?1022563

www.vupen.com/english/advisories/2009/1900

www.vupen.com/english/advisories/2010/1792

bugzilla.redhat.com/show_bug.cgi?id=499867

www.redhat.com/archives/fedora-package-announce/2009-May/msg01257.html

www.redhat.com/archives/fedora-package-announce/2009-May/msg01259.html

www.redhat.com/archives/fedora-package-announce/2009-May/msg01262.html

7.1 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.028 Low

EPSS

Percentile

90.4%

Related for PRION:CVE-2009-1523

ubuntucve2 veracode1 cvelist2 openvas9 osv1 nessus6 cve2 github1 vmware2 fedora3 prion1 securityvulns3 ibm2 oracle1