Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0278

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2009-0278
Last Modified 07 Mar 2011 10:18:13
Published 26 Jan 2009 09:30:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0278

Summary

Sun Java System Application Server (AS) 8.1 and 8.2 allows remote attackers to read the Web Application configuration files in the (1) WEB-INF or (2) META-INF directory via a malformed request.

Vulnerable Systems

Application

  • Sun Java System Application Server 8.1

  • Sun Java System Application Server 8.2


References

SUNALERT - 245446

CONFIRM - http://sunsolve.sun.com/search/document.do?assetkey=1-21-119166-35-1

XF - javasystem-webinf-metainf-info-disclosure(48161)

VUPEN - ADV-2009-0208

BID - 33397

SECUNIA - 33725

OSVDB - 51604


Last Updated: 27 May 2016 10:50:11