CVE-2009-2445

Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://isowarez.de/SunOne_Webserver.txt	Exploit
http://jvn.jp/en/jp/JVN47124169/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2009-002069
http://secunia.com/advisories/35701	Vendor Advisory
http://securitytracker.com/id?1022511	Exploit
http://sunsolve.sun.com/search/document.do?assetkey=1-26-266429-1	Vendor Advisory
http://www.osvdb.org/55655
http://www.vupen.com/english/advisories/2009/1786	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sun:java_system_web_server:6.1::windows:::::
	cpe:2.3:a:sun:java_system_web_server:6.1:sp10:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:6.1:sp11:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:6.1:sp4:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:6.1:sp5:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:6.1:sp6:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:6.1:sp7:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:6.1:sp8:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:6.1:sp9:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:7.0:update_5:windows:::::*
	cpe:2.3:a:sun:java_system_web_server:7.0:update_6:windows:::::*

History

No history.

Information

Published : 2009-07-13 17:30

Updated : 2024-02-04 17:33

NVD link : CVE-2009-2445

Mitre link : CVE-2009-2445

CVE.ORG link : CVE-2009-2445

JSON object : View

Products Affected

sun

java_system_web_server

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2009-2445", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-07-13T17:30:00.187", "references": [{"url": "http://isowarez.de/SunOne_Webserver.txt", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://jvn.jp/en/jp/JVN47124169/index.html", "source": "cve@mitre.org"}, {"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2009-002069", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/35701", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1022511", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-266429-1", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/55655", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2009/1786", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI."}, {"lang": "es", "value": "iPlanet Web Server de Oracle (anteriormente Sun Java System Web Server o Sun ONE Web Server) versi\u00f3n 6.1 anterior a SP12, y versi\u00f3n 7.0 hasta Update 6, cuando se ejecutan en Windows, permite a los atacantes remotos leer archivos JSP arbitrarios por medio de una sintaxis de flujo de datos alternativa, como es demostrado por un URI .jsp::$DATA."}], "lastModified": "2011-08-29T04:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:*:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCFD3C8D-6E79-4DA6-A600-D952C8E5A151"}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp10:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7BDC9E6-87C4-4AE1-AEAD-518CCFF853E0"}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp11:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC9F5EA1-0CE5-417E-AE65-F4C47376DEEC"}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp4:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A018481B-EB48-4C4E-A1E4-324DCC437441"}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp5:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0FEC983-91A6-4708-8308-B77B0FD2D9DD"}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp6:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "431D609A-AA61-4C7C-8F4A-8B01DB2E32E0"}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp7:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37CBE122-47ED-4659-B15A-55FAF15BA63C"}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp8:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3866A08-0CFA-473D-BBE5-4736282A6446"}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:6.1:sp9:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4541C58C-45F1-4F17-82B9-E33BE693D8DB"}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:7.0:update_5:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DE90647-CF0D-4920-9F7A-B13572D7D71A"}, {"criteria": "cpe:2.3:a:sun:java_system_web_server:7.0:update_6:windows:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C705F770-5086-4926-A110-A32D4170B8A6"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}