Information Disclosure Vulnerability in Sun Java System Application Server
CVE-2009-0278
Currently unrated
Key Information:
- Vendor
- Oracle
- Vendor
- CVE Published:
- 27 January 2009
Summary
The Sun Java System Application Server versions 8.1 and 8.2 are susceptible to an information disclosure vulnerability that allows remote attackers to access sensitive Web Application configuration files located in the WEB-INF or META-INF directories. By crafting a malformed request, attackers can exploit this flaw to read confidential configurations, potentially aiding in further attacks or unauthorized access.
References
Timeline
Vulnerability published
Vulnerability Reserved