Caucho Technology: >> Resin >> 3.0.18 Security Vulnerabilities
Directory traversal vulnerability in Caucho Resin 3.0.17 and 3.0.18 for Windows allows remote attackers to read arbitrary files via a "C:%5C" (encoded drive letter) in a URL.
CVSS Score
7.8
EPSS Score
0.009
Published
2006-05-17
The viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote attackers to obtain the source code for file under the web root via the file parameter.
CVSS Score
5.0
EPSS Score
0.051
Published
2006-05-17
Directory traversal vulnerability in the viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote attackers to read arbitrary files under other web roots via the contextpath parameter. NOTE: this issue can produce resultant path disclosure when the parameter is invalid.
CVSS Score
5.0
EPSS Score
0.017
Published
2006-05-17