Resin@2.1.1 Security Vulnerabilities and Issues — Resin@2.1.1 CVE List

Lucene search

Caucho TechnologyResin2.1.1

5 matches found

CVE•added 2005/08/05 4:0 a.m.•42 views

CVE-2002-2090

Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp.

5CVSS6.6AI score0.00346EPSS

CVE•added 2005/07/14 4:0 a.m.•41 views

CVE-2002-1988

Resin 2.1.1 allows remote attackers to cause a denial of service (memory consumption and hang) via a URL with long variables for non-existent resources.

5CVSS7AI score0.00739EPSS

CVE•added 2005/07/14 4:0 a.m.•35 views

CVE-2002-1989

Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp.

5CVSS7.1AI score0.00655EPSS

CVE•added 2005/07/14 4:0 a.m.•33 views

CVE-2002-1990

Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical path information via a URL request for the example Java class file HelloServlet.

5CVSS6.6AI score0.00346EPSS

CVE•added 2007/10/25 7:0 p.m.•33 views

CVE-2003-1513

Multiple cross-site scripting (XSS) vulnerabilities in example scripts in Caucho Technology Resin 2.0 through 2.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) env.jsp, (2) form.jsp, (3) session.jsp, (4) the move parameter to tictactoe.jsp, or the (5) name or (6) comment f...

4.3CVSS6AI score0.0029EPSS