CVE-2009-0278
CVE-2009-0278 affects Sun Java System Application Server (AS) 8.1 and 8.2. A remote attacker can read Web Application configuration files in WEB-INF or META-INF via a malformed request, exposing sensitive information. Connected sources indicate vendor patches exist (e.g., SunSolve documents such ...