Vulnerability CVE-2009-1523

Vulnerability CVE-2009-1523

Published: 2009-05-05 Modified: 2012-02-13

Description:

Type:

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
5/10	2.9/10	10/10

Affected software
Mortbay -> Jetty

http://www.kb.cert.org/vuls/id/402580

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01262.html

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01259.html

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01257.html

https://bugzilla.redhat.com/show_bug.cgi?id=499867

http://www.vupen.com/english/advisories/2010/1792

http://www.vupen.com/english/advisories/2009/1900

http://www.securitytracker.com/id?1022563

http://www.securityfocus.com/bid/35675

http://www.securityfocus.com/bid/34800

http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2009.html

http://www.kb.cert.org/vuls/id/CRDY-7RKQCY

http://secunia.com/advisories/40553

http://secunia.com/advisories/35776

http://secunia.com/advisories/35225

http://secunia.com/advisories/35143

http://secunia.com/advisories/34975

http://jira.codehaus.org/browse/JETTY-1004

http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02282388