Information disclosure in Sun Java_system_application_server

CVE-2008-2120

Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain source code of JSP files via unknown vectors.

Vulnerability class: Information Disclosure

EPSS: 0.022 (80.5th percentile) — read the EPSS interpretation.

Affected products

Sun Java_system_application_server
Sun Java_system_web_server — versions 7.0
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (vendor-advisory, Patch, x_refsource_SUNALERT)
cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
cve@mitre.org (vdb-entry, x_refsource_VUPEN)
cve@mitre.org (Patch, vdb-entry, x_refsource_BID)