CVE-2004-2478
N/A
N/A
Summary
Unspecified vulnerability in Jetty HTTP Server, as used in (1) IBM Trading Partner Interchange before 4.2.4, (2) CA Unicenter Web Services Distributed Management (WSDM) before 3.11, and possibly other products, allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://secunia.com/advisories/12703
- http://www.vupen.com/english/advisories/2006/3873
- http://www.securityfocus.com/bid/11330
- http://www-1.ibm.com/support/docview.wss?uid=swg21178665
- http://secunia.com/advisories/22229
- http://securitytracker.com/id?1016975
- http://www.securityfocus.com/archive/1/447648/100/0/threaded
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049846.html
- http://securitytracker.com/id?1011545
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17600
- http://www.osvdb.org/10490
References
- http://secunia.com/advisories/12703
- http://www.vupen.com/english/advisories/2006/3873
- http://www.securityfocus.com/bid/11330
- http://www-1.ibm.com/support/docview.wss?uid=swg21178665
- http://secunia.com/advisories/22229
- http://securitytracker.com/id?1016975
- http://www.securityfocus.com/archive/1/447648/100/0/threaded
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049846.html
- http://securitytracker.com/id?1011545
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17600
- http://www.osvdb.org/10490
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.