mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
214 lines
8.3 KiB
JSON
214 lines
8.3 KiB
JSON
{
|
|
"id": "CVE-2007-5366",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2007-10-11T10:17:00.000",
|
|
"lastModified": "2017-07-29T01:33:37.803",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application Server 7.0 through 9.0.0 and Interstage Apworks/Studio 7.0 through 9.0.0 allows remote attackers to obtain sensitive information (web root path) via unspecified vectors that trigger an error message, probably related to enabling the useCanonCaches Java Virtual Machine (JVM) option."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "El Tomcat 4.1-based Servlet Service en Fujitsu Interstage Application Server 7.0 hasta la 9.0.0 y Interstage Apworks/Studio 7.0 hasta la 9.0.0 permite a atacantes remotos obtener informaci\u00f3n sensible (ruta del ra\u00edz web) a trav\u00e9s de vectores no especificados que disparan un mensaje de error, probablemente relacionado con el permiso de la opci\u00f3n useCanonCaches Java Virtual Machine (JVM)."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.0
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-22"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:7.0:*:enterprise:*:*:*:*:*",
|
|
"matchCriteriaId": "99AC7276-3FF3-42D0-AA5A-E807C916E1AD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:7.0:*:plus:*:*:*:*:*",
|
|
"matchCriteriaId": "CEEEE36C-E14C-4D0F-B382-0903D104E578"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:7.0:*:plus_developer:*:*:*:*:*",
|
|
"matchCriteriaId": "C23324B8-E010-4E21-ADEF-58FC0A0D2BFB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:7.0.1:*:enterprise:*:*:*:*:*",
|
|
"matchCriteriaId": "390FBC71-1CF2-4D05-9931-9F4E7ED9C096"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:7.0.1:*:plus:*:*:*:*:*",
|
|
"matchCriteriaId": "BDD9380C-8224-44C5-9688-F3134A6A0C04"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:8.0.0:*:enterprise:*:*:*:*:*",
|
|
"matchCriteriaId": "E7F2EDBD-8799-4EAF-9925-3C07FAEEBE77"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:8.0.0:*:standard_j:*:*:*:*:*",
|
|
"matchCriteriaId": "AA6ED703-53F9-4536-8E1D-46C30E547B06"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:8.0.1:*:enterprise:*:*:*:*:*",
|
|
"matchCriteriaId": "68B3EF82-0491-41D1-AB3F-FED1012F3BDF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:8.0.1:*:standard_j:*:*:*:*:*",
|
|
"matchCriteriaId": "DA20FDEB-40D5-4F73-B365-AD025C7348DD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:8.0.2:*:enterprise:*:*:*:*:*",
|
|
"matchCriteriaId": "BCD4B39A-E25A-4F9F-8D8F-D0990DFC9DF8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:8.0.2:*:standard_j:*:*:*:*:*",
|
|
"matchCriteriaId": "28BB7A8E-8AC3-4FC3-8668-067124DF4091"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:8.0.3:*:enterprise:*:*:*:*:*",
|
|
"matchCriteriaId": "413AB29F-2B9D-409B-A24B-2660347317EB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:8.0.3:*:standard_j:*:*:*:*:*",
|
|
"matchCriteriaId": "90E8DFDD-8909-4317-B87A-768013BECB7A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:9.0:*:enterprise:*:*:*:*:*",
|
|
"matchCriteriaId": "63C58135-5452-47A0-BB14-BC5A3B14B043"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:9.0:*:standard_j:*:*:*:*:*",
|
|
"matchCriteriaId": "CE82AE4E-4E65-437B-B367-A6905400D372"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:9.0a:*:enterprise:*:*:*:*:*",
|
|
"matchCriteriaId": "B435EA8E-21BE-491B-81E6-7A02DBE9A5DF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_application_server:9.0a:*:standard_j:*:*:*:*:*",
|
|
"matchCriteriaId": "93B3414A-9521-43C4-87EC-151FF3567203"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_apworks:7.0:*:modelers_j:*:*:*:*:*",
|
|
"matchCriteriaId": "5CD7B921-18CA-47B7-B020-9B3371485007"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_apworks:8.0:*:enterprise:*:*:*:*:*",
|
|
"matchCriteriaId": "D9D08EBC-EAB5-4D2F-9B62-BA96D9B25EB6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_apworks:8.0:*:standard_j:*:*:*:*:*",
|
|
"matchCriteriaId": "E44622B8-0EFE-4A80-BB0D-0D2646D067AD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_studio:8.01:*:enterprise:*:*:*:*:*",
|
|
"matchCriteriaId": "6D12EF8C-FEAB-4666-8F7E-49CAD77933B9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_studio:8.01:*:standard_j:*:*:*:*:*",
|
|
"matchCriteriaId": "3605D6E6-2C4D-4837-9587-C12645022582"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_studio:9.0:*:enterprise:*:*:*:*:*",
|
|
"matchCriteriaId": "DB3CDB47-DF42-4988-A7A3-1908FC36017D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fujitsu:interstage_studio:9.0:*:standard_j:*:*:*:*:*",
|
|
"matchCriteriaId": "763121B4-8990-4876-B0DC-D7F75A1300A1"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://osvdb.org/41318",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/27136",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200705e.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/25988",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37026",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |