← Retour aux CVEs
CVE-2009-2445
N/ADescription
Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI.
Details CVE
Score CVSS v3.1N/A
Publie7/13/2009
Derniere modification4/23/2026
Sourcenvd
Observations honeypot0
Produits affectes
sun:java_system_web_server
Faiblesses (CWE)
CWE-200
References
http://isowarez.de/SunOne_Webserver.txt(cve@mitre.org)
http://jvn.jp/en/jp/JVN47124169/index.html(cve@mitre.org)
http://jvndb.jvn.jp/jvndb/JVNDB-2009-002069(cve@mitre.org)
http://secunia.com/advisories/35701(cve@mitre.org)
http://securitytracker.com/id?1022511(cve@mitre.org)
http://www.osvdb.org/55655(cve@mitre.org)
http://www.vupen.com/english/advisories/2009/1786(cve@mitre.org)
http://isowarez.de/SunOne_Webserver.txt(af854a3a-2127-422b-91ae-364da2661108)
http://jvn.jp/en/jp/JVN47124169/index.html(af854a3a-2127-422b-91ae-364da2661108)
http://jvndb.jvn.jp/jvndb/JVNDB-2009-002069(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/35701(af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1022511(af854a3a-2127-422b-91ae-364da2661108)
http://sunsolve.sun.com/search/document.do?assetkey=1-26-266429-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/55655(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2009/1786(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.