CVE-2007-6672

CVSS v2.0 5 (Medium)

EPSS 1.24 % (86^th)

Affected Products 1

Advisories 3

Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI.

Weaknesses

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2008-01-08 11:46:00
(16 years ago)
Updated Date: 2012-10-30 03:04:39
(12 years ago)

Affected Products

Mortbay Jetty

Jetty

Configuration #1

		CPE23	From	Up To
	Mortbay Jetty Jetty 6.1.5	cpe:2.3:a:mortbay_jetty:jetty:6.1.5
	Mortbay Jetty Jetty 6.1.6	cpe:2.3:a:mortbay_jetty:jetty:6.1.6