Caucho Resin 3.1 - Encoded Space Request Full Path Disclosure

EDB-ID:

30037




Platform:

Windows

Date:

2007-05-15


source: https://www.securityfocus.com/bid/23985/info

Caucho Resin is prone to multiple information-disclosure vulnerabilities because it fails to adequately sanitize user-supplied data.

Attackers can exploit these issues to access potentially sensitive data that may aid in further attacks.

Resin 3.1.0 is vulnerable; other versions may also be affected.

NOTE: According to the application's 3.1.1 change log, these issues affect the server only when installed on Microsoft Windows. 

http://www.example.com:8080/%20