Information Disclosure in Fujitsu Interstage Application Server and Apworks/Studio
CVE-2007-5366

Currently unrated

Key Information:

Vendor: Fujitsu
Status: Interstage Application Server; Interstage Apworks; Interstage Studio
Vendor: CVE Published:; 11 October 2007

What is CVE-2007-5366?

The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application Server versions 7.0 to 9.0.0 and Interstage Apworks/Studio versions 7.0 to 9.0.0 is susceptible to information disclosure. This vulnerability allows remote attackers to gain access to sensitive information, specifically the web root path, via unaddressed methods that generate error messages. The issue is likely associated with the use of the useCanonCaches JVM option being enabled, highlighting the importance of secure configuration and coding practices in web applications.

References

http://secunia.com/advisories/27136

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/37026

vdb-entryx_refsource_XF

http://osvdb.org/41318

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 11, 2007
Vulnerability Reserved
Oct 10, 2007

JSON