cve/CVE-2019-10246.md at d265b01db84ea263ae08fa7d2c08cb82387c2083

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-07 03:02:30 +00:00

0xMarcio 6100550298 Update CVE sources 2024-06-22 09:37

2024-06-22 09:37:59 +00:00

Description

In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted to only the content in the configured base resource directories.

POC

Reference

https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Github

https://github.com/Anonymous-Phunter/PHunter
https://github.com/CGCL-codes/PHunter
https://github.com/LibHunter/LibHunter

1.3 KiB Raw Blame History

CVE-2019-10246

Description

POC

Reference

Github

1.3 KiB

Raw Blame History