2 matches found
CVE-2006-0819
CVE-2006-0819 affects Dwarf HTTP Server 1.3.2. A validation error in the requested URL filename extension (dot/space/slash/NULL characters) allows remote disclosure of JSP source. Secunia also notes unsanitized error responses enabling XSS. Mitigation: update to version 1.3.3.
Secunia Research: Dwarf HTTP Server Source Disclosure and Cross-Site Scripting
====================================================================== Secunia Research 13/03/2006 - Dwarf HTTP Server Source Disclosure and Cross-Site Scripting - ====================================================================== Table of Contents Affected...