Information Disclosure Vulnerability in Sun Java System Applications
CVE-2008-2120

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Application Server; Java System Web Server
Vendor: CVE Published:; 9 May 2008

Summary

A vulnerability exists in the Sun Java System Application Server and Web Server that permits remote attackers to access sensitive source code of JSP files. This can potentially lead to unauthorized disclosure of sensitive information. The issue arises from unspecified vectors that allow for such exploitation, thus leading to a compromise of the application server and web server environments. It is crucial for users of the affected versions to apply the necessary updates to mitigate this risk.

References

http://www.securitytracker.com/id?1019986

vdb-entryx_refsource_SECTRACK

http://www.securitytracker.com/id?1019985

vdb-entryx_refsource_SECTRACK

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

Timeline

Vulnerability published
May 9, 2008
Vulnerability Reserved
May 9, 2008