CVE-2008-2403

CWE-22Path Traversal3 documents3 sources
Severity
10.0CRITICAL
EPSS
1.0%
top 23.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SUN Java ASP Server
Timeline
PublishedJun 4
Latest updateMay 1

Description

Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDsun/java_asp_server4.0.2+2

Patches

Patch: sunsolve.sun.comPatch: sunsolve.sun.com

🔴Vulnerability Details

2
GHSA
GHSA-p683-ffvw-hc4p: Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 42022-05-01
CVEList
CVE-2008-2403: Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 42008-06-04
CVE-2008-2403 (CRITICAL CVSS 10) | Multiple directory traversal vulner | cvebase.io