Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2401


Vulnerability Score 7.5 7.5
CVE Id CVE-2008-2401
Last Modified 07 Mar 2011 10:09:08
Published 04 Jun 2008 04:32:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to append to arbitrary new or existing files via the first argument to a certain file that is included by multiple unspecified ASP applications.

Vulnerable Systems


  • Sun Java Active Server 4.0.2


XF - sunjava-file-creation-code-execution(42832)

VUPEN - ADV-2008-1742

SECTRACK - 1020186

SUNALERT - 238184

SECUNIA - 30523

IDEFENSE - 20080603 Sun Java System Active Server Pages File Creation Vulnerability

Last Updated: 27 May 2016 10:47:51