5 - SUN-201255

Executive Summary

Summary
Title	Sun Alert 201255 JSP Source Code Disclosure Vulnerability Affects Sun Java System Application Server and Web Server

Informations
Name	SUN-201255	First vendor Publication	2008-05-06
Vendor	Sun	Last vendor Modification	2008-05-06
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: Sun Java System Application Server Standard Edition 7 2004Q2, Sun Java System Web Server 7.0, Sun Java System Web Server 6.1, Sun Java System Application Server Enterprise Edition 7 2004Q2

A vulnerability in Sun Java System Application Server and Sun Java System Web Server may allow unauthorized users to view the JSP source code.

State: Resolved

First released: 06-May-2008

Sun Alert Link:http://sunsolve.sun.com/search/document.do?assetkey=1-66-201255-1

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_201255_jsp_source

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-200	Information Exposure

CPE : Common Platform Enumeration

Type	Description	Count
Application	Sun Java System Application Server cpe:2.3:a:sun:java_system_application_server:7.0:::::::* cpe:2.3:a:sun:java_system_application_server:7.0:ur1:standard:::::* cpe:2.3:a:sun:java_system_application_server:7.0:ur1:enterprise:::::* cpe:2.3:a:sun:java_system_application_server:7.0:ur5:standard:::::* cpe:2.3:a:sun:java_system_application_server:7.0:ur5:platform:::::* cpe:2.3:a:sun:java_system_application_server:7.0:ur2:platform:::::* cpe:2.3:a:sun:java_system_application_server:7.0:ur6:platform:::::* cpe:2.3:a:sun:java_system_application_server:7.0:ur6:standard:::::* cpe:2.3:a:sun:java_system_application_server:7.0:ur2:standard:::::* cpe:2.3:a:sun:java_system_application_server:7.0:ur2:enterprise:::::* cpe:2.3:a:sun:java_system_application_server:7.0::standard::::: cpe:2.3:a:sun:java_system_application_server:7.0::platform::::: cpe:2.3:a:sun:java_system_application_server:7.0::enterprise::::: cpe:2.3:a:sun:java_system_application_server:7.0:ur4:::::: cpe:2.3:a:sun:java_system_application_server:7.0:ur3:standard:::::* cpe:2.3:a:sun:java_system_application_server:7.0:ur3:enterprise:::::* cpe:2.3:a:sun:java_system_application_server:6.0::platform:::::	17
Application	Sun Java System Web Server cpe:2.3:a:sun:java_system_web_server:7.0:::::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp6:linux:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp10:windows:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp4:linux:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp9:windows:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp8:windows:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp10:hp_ux:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp5:linux:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp10:linux:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp9:linux:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp8:linux:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp7:linux:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp5:hp_ux:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp4:hp_ux:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp7:hp_ux:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp6:hp_ux:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp8:hp_ux:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp9:hp_ux:::::* cpe:2.3:a:sun:java_system_web_server:6.1::aix::::: cpe:2.3:a:sun:java_system_web_server:6.1:sp4:sparc:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp11:windows:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp10:x86:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp9:x86:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp4:x86:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp48:x86:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp7:x86:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp6:x86:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp5:x86:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp7:sparc:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp7:windows:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp6:sparc:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp5:sparc:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp10:sparc:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp9:sparc:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp8:sparc:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp5:windows:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp6:windows:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp4:windows:::::* cpe:2.3:a:sun:java_system_web_server:6.1::windows::::: cpe:2.3:a:sun:java_system_web_server:6.1:::::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp1:::::: cpe:2.3:a:sun:java_system_web_server:6.1:sp2:::::: cpe:2.3:a:sun:java_system_web_server:6.1:sp3:::::: cpe:2.3:a:sun:java_system_web_server:6.1:sp4:::::: cpe:2.3:a:sun:java_system_web_server:6.1:sp5:::::: cpe:2.3:a:sun:java_system_web_server:6.1:sp10:aix:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp6:::::: cpe:2.3:a:sun:java_system_web_server:6.1:sp7:::::: cpe:2.3:a:sun:java_system_web_server:6.1::x86::::: cpe:2.3:a:sun:java_system_web_server:6.1::linux::::: cpe:2.3:a:sun:java_system_web_server:6.1::sparc::::: cpe:2.3:a:sun:java_system_web_server:6.1::hp_ux::::: cpe:2.3:a:sun:java_system_web_server:6.1:sp8:::::: cpe:2.3:a:sun:java_system_web_server:6.1:sp6:aix:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp7:aix:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp8:aix:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp9:aix:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp4:aix:::::* cpe:2.3:a:sun:java_system_web_server:6.1:sp5:aix:::::* cpe:2.3:a:sun:java_system_web_server:6.0:sp9:::::: cpe:2.3:a:sun:java_system_web_server:6.0:sp1:::::: cpe:2.3:a:sun:java_system_web_server:6.0:sp2:::::: cpe:2.3:a:sun:java_system_web_server:6.0:sp3:::::: cpe:2.3:a:sun:java_system_web_server:6.0:sp6:::::: cpe:2.3:a:sun:java_system_web_server:6.0:sp7:::::: cpe:2.3:a:sun:java_system_web_server:6.0:::::::* cpe:2.3:a:sun:java_system_web_server:6.0:sp4:::::: cpe:2.3:a:sun:java_system_web_server:6.0:sp5:::::: cpe:2.3:a:sun:java_system_web_server:6.0:sp8:::::: cpe:2.3:a:sun:java_system_web_server:6.0:sp10:::::: cpe:2.3:a:sun:java_system_web_server:2.0:::::::* cpe:2.3:a:sun:java_system_web_server:1.1.3:::::::* cpe:2.3:a:sun:java_system_web_server:1.1.2:::::::* cpe:2.3:a:sun:java_system_web_server:1.1_beta:::::::*	74

Open Source Vulnerability Database (OSVDB)

Id	Description
44948	Sun Java System Web Server / Application Server Unspecified JSP Source Disclo...

Information Assurance Vulnerability Management (IAVM)

Date	Description
2008-05-29	IAVM : 2008-B-0045 - Multiple Sun Java System Application Server and Web Server Vulnerabilities Severity : Category II - VMSKEY : V0016025

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-02-06 19:08:11	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
CPE ID(s)	91
osvdb(s)	1
IAVM(s)	1

	Related
5	CVE-2008-2120
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

5 - SUN-201255

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Information Assurance Vulnerability Management (IAVM)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU