Resin@* Security Vulnerabilities and Issues — Resin@* CVE List

Lucene search

Caucho TechnologyResin*

4 matches found

CVE•added 2007/05/16 7:28 p.m.•45 views

CVE-2007-2440

Directory traversal vulnerability in Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to read certain files via a .. (dot dot) in a URI containing a "\web-inf" sequence.

5CVSS6.5AI score0.09482EPSS

CVE•added 2007/05/16 7:28 p.m.•35 views

CVE-2007-2441

Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to obtain the system path via certain URLs associated with (1) deploying web applications or (2) displaying .xtp files.

5CVSS6.7AI score0.0903EPSS

CVE•added 2007/05/16 7:28 p.m.•33 views

CVE-2007-2439

Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to cause a denial of service (device hang) and read data from a COM or LPT device via a DOS device name with an arbitrary extension.

9.4CVSS6.9AI score0.01556EPSS

CVE•added 2002/03/09 5:0 a.m.•29 views

CVE-2001-0828

A cross-site scripting vulnerability in Caucho Technology Resin before 1.2.4 allows a malicious webmaster to embed Javascript in a hyperlink that ends in a .jsp extension, which causes an error message that does not properly quote the Javascript.

5.1CVSS5.9AI score0.00957EPSS