Unrated severityNVD Advisory· Published Feb 22, 2008· Updated Jun 16, 2026
CVE-2008-0904
CVE-2008-0904
Description
Unspecified vulnerability in the download servlet in BEA Plumtree Collaboration 4.1 through SP2 and AquaLogic Interaction 4.2 through MP1 allows remote attackers to read arbitrary files via a crafted URL.
Affected products
7cpe:2.3:a:bea_systems:aqualogic_interaction:4.2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:bea_systems:aqualogic_interaction:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:bea_systems:aqualogic_interaction:4.2_mp1:*:*:*:*:*:*:*
- (no CPE)
cpe:2.3:a:bea_systems:plumtree_collaboration:4.1:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:bea_systems:plumtree_collaboration:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea_systems:plumtree_collaboration:4.1_sp1:*:*:*:*:*:*:*
- cpe:2.3:a:bea_systems:plumtree_collaboration:4.1_sp2:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.