CVE-2004-2478 in HTTP Serverinfo

Summary

Unspecified vulnerability in Jetty HTTP Server, as used in (1) IBM Trading Partner Interchange before 4.2.4, (2) CA Unicenter Web Services Distributed Management (WSDM) before 3.11, and possibly other products, allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

08/21/2005

Disclosure

12/31/2004

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-22

CVSS

7.3

EPSS

0.03677

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-2478
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-2478
CVE Details	https://www.cvedetails.com/cve/CVE-2004-2478/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!