JSP Source Code Disclosure Vulnerability in Sun Java System Application Server
CVE-2007-4025

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Application Server
Vendor: CVE Published:; 26 July 2007

Summary

An unspecified vulnerability in the Sun Java System Application Server versions 8.1 through 9.0 prior to July 24, 2007, allows remote attackers to access JSP source code. This occurs through unidentified vectors, potentially exposing sensitive application details and leading to further exploitation.

References

http://www.securityfocus.com/bid/25058

vdb-entryx_refsource_BID

http://osvdb.org/37250

vdb-entryx_refsource_OSVDB

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

Timeline

Vulnerability published
Jul 26, 2007
Vulnerability Reserved
Jul 26, 2007