CVE-2008-2120

Summary

CVE	CVE-2008-2120
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2008-05-09 15:20:00 UTC
Updated	2017-08-08 01:30:00 UTC
Description	Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain source code of JSP files via unknown vectors.

Risk And Classification

Problem Types: CWE-200

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Sun	Java System Application Server	All	All	All	All
Application	Sun	Java System Web Server	7.0	All	All	All
Application	Sun	Java System Web Server	7.0	All	All	All
Application	Sun	Java System Web Server	All	sp7	All	All

References

Reference	Source	Link	Tags
SecurityTracker.com Archives - Sun Java System Web Server Discloses JSP Source Code to Remote Users	SECTRACK	www.securitytracker.com
SecurityTracker.com Archives - Sun Java System Application Server Discloses JSP Source Code to Remote Users	SECTRACK	www.securitytracker.com
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
Sun Java System Application Server and Web Server JSP Information Disclosure Vulnerability	BID	www.securityfocus.com	Patch
201255	SUNALERT	sunsolve.sun.com	Patch
Sun Java System Web Server / Application Server JSP Information Disclosure - Advisories - Secunia	SECUNIA	secunia.com	Vendor Advisory
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	VUPEN	www.vupen.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.