Lucene search
Ubuntu.comUB:CVE-2008-6505HistoryMar 23, 2009 - 12:00 a.m.
CVE-2008-6505
2009-03-2300:00:00
ubuntu.com
ubuntu.com
7
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.966 High
EPSS
Percentile
99.6%
Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before
2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary
files via a …%252f (encoded dot dot slash) in a URI with a /struts/ path,
related to (1) FilterDispatcher in 2.0.x and (2) DefaultStaticContentLoader
in 2.1.x.
Notes
| Author | Note |
|---|---|
| kees | does not seem to apply to 1.2.x series |
Related
cve
cve
CVE-2008-6505
2009-03-23 14:19:12
veracode
veracode
Directory Traversal
2018-11-09 05:13:20
openvas
openvas
Apache Struts Security Update (S2-004) - Active Check
2009-04-23 00:00:00
Apache Struts Security Update (S2-004) - Version Check
2021-09-14 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache Struts Classes Directory Traversal (CVE-2008-6505)
2009-10-04 00:00:00
nvd
nvd
CVE-2008-6505
2009-03-23 14:19:12
cvelist
cvelist
CVE-2008-6505
2009-03-23 14:00:00
osv
osv
Apache Struts directory traversal vulnerability
2022-05-17 05:52:21
prion
prion
Directory traversal
2009-03-23 14:19:00
github
github
Apache Struts directory traversal vulnerability
2022-05-17 05:52:21
nessus
nessus
Apache Struts 2 < 2.0.12 / 2.1.3 Dispatcher Directory Traversal
2008-11-24 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.966 High
EPSS
Percentile
99.6%
Related for UB:CVE-2008-6505