Moderate severityNVD Advisory· Published Apr 30, 2007· Updated Jun 16, 2026
CVE-2007-2353
CVE-2007-2353
Description
Apache Axis 1.0 allows remote attackers to obtain sensitive information by requesting a non-existent WSDL file, which reveals the installation path in the resulting exception message.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.axis:axisMaven | < 1.2 | 1.2 |
Affected products
2Patches
Vulnerability mechanics
References
10- www.securityfocus.com/bid/23687nvdExploit
- github.com/advisories/GHSA-2c4w-2px5-9x3xghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2007-2353ghsaADVISORY
- attrition.org/pipermail/vim/2007-April/001562.htmlnvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/34167nvdWEB
- github.com/albfernandez/axis1-java/commit/32f35038ecae2c7a7f2e904b2289fd383f6f4d1fghsaWEB
- github.com/albfernandez/axis1-java/issues/34ghsaWEB
- github.com/apache/axis-axis1-java/commit/2fdbb91c5e861e804db70cada188b1d7c1603513ghsaWEB
- github.com/apache/axis-axis1-java/commit/7ba89deb2eb21615630f18e96a35bfdec7f7cfedghsaWEB
- www.osvdb.org/34154nvd
News mentions
0No linked articles in our index yet.