CVE-2007-5366
Summary
| CVE | CVE-2007-5366 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-10-11 10:17:00 UTC |
| Updated | 2017-07-29 01:33:00 UTC |
| Description | The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application Server 7.0 through 9.0.0 and Interstage Apworks/Studio 7.0 through 9.0.0 allows remote attackers to obtain sensitive information (web root path) via unspecified vectors that trigger an error message, probably related to enabling the useCanonCaches Java Virtual Machine (JVM) option. |
Risk And Classification
Problem Types: CWE-22
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Fujitsu | Interstage Application Server | 7.0 | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 7.0 | All | plus | All |
| Application | Fujitsu | Interstage Application Server | 7.0 | All | plus_developer | All |
| Application | Fujitsu | Interstage Application Server | 7.0.1 | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 7.0.1 | All | plus | All |
| Application | Fujitsu | Interstage Application Server | 8.0.0 | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 8.0.0 | All | standard_j | All |
| Application | Fujitsu | Interstage Application Server | 8.0.1 | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 8.0.1 | All | standard_j | All |
| Application | Fujitsu | Interstage Application Server | 8.0.2 | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 8.0.2 | All | standard_j | All |
| Application | Fujitsu | Interstage Application Server | 8.0.3 | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 8.0.3 | All | standard_j | All |
| Application | Fujitsu | Interstage Application Server | 9.0 | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 9.0 | All | standard_j | All |
| Application | Fujitsu | Interstage Application Server | 9.0a | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 9.0a | All | standard_j | All |
| Application | Fujitsu | Interstage Application Server | 7.0 | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 7.0 | All | plus | All |
| Application | Fujitsu | Interstage Application Server | 7.0 | All | plus_developer | All |
| Application | Fujitsu | Interstage Application Server | 7.0.1 | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 7.0.1 | All | plus | All |
| Application | Fujitsu | Interstage Application Server | 8.0.0 | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 8.0.0 | All | standard_j | All |
| Application | Fujitsu | Interstage Application Server | 8.0.1 | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 8.0.1 | All | standard_j | All |
| Application | Fujitsu | Interstage Application Server | 8.0.2 | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 8.0.2 | All | standard_j | All |
| Application | Fujitsu | Interstage Application Server | 8.0.3 | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 8.0.3 | All | standard_j | All |
| Application | Fujitsu | Interstage Application Server | 9.0 | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 9.0 | All | standard_j | All |
| Application | Fujitsu | Interstage Application Server | 9.0a | All | enterprise | All |
| Application | Fujitsu | Interstage Application Server | 9.0a | All | standard_j | All |
| Application | Fujitsu | Interstage Apworks | 7.0 | All | modelers_j | All |
| Application | Fujitsu | Interstage Apworks | 8.0 | All | enterprise | All |
| Application | Fujitsu | Interstage Apworks | 8.0 | All | standard_j | All |
| Application | Fujitsu | Interstage Apworks | 7.0 | All | modelers_j | All |
| Application | Fujitsu | Interstage Apworks | 8.0 | All | enterprise | All |
| Application | Fujitsu | Interstage Apworks | 8.0 | All | standard_j | All |
| Application | Fujitsu | Interstage Studio | 8.01 | All | enterprise | All |
| Application | Fujitsu | Interstage Studio | 8.01 | All | standard_j | All |
| Application | Fujitsu | Interstage Studio | 9.0 | All | enterprise | All |
| Application | Fujitsu | Interstage Studio | 9.0 | All | standard_j | All |
| Application | Fujitsu | Interstage Studio | 8.01 | All | enterprise | All |
| Application | Fujitsu | Interstage Studio | 8.01 | All | standard_j | All |
| Application | Fujitsu | Interstage Studio | 9.0 | All | enterprise | All |
| Application | Fujitsu | Interstage Studio | 9.0 | All | standard_j | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Interstage Application Server Full Path Disclosure Weakness - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| This page provides Security Information. : FUJITSU | CONFIRM | www.fujitsu.com | |
| 41318 | OSVDB | osvdb.org | |
| Interstage Application Server Web Root Path Disclosure Vulnerability | BID | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.