Unrated severityNVD Advisory· Published May 9, 2008· Updated Apr 23, 2026

CVE-2008-2120

Description

Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain source code of JSP files via unknown vectors.

Affected products

Sun Corporation/Java System Application Server
cpe:2.3:a:sun:java_system_application_server:*:*:*:*:*:*:*:*
Range: <=7.0
Sun Corporation/Java System Web Server2 versions
cpe:2.3:a:sun:java_system_web_server:7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sun:java_system_web_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_web_server:*:sp7:*:*:*:*:*:*range: <=6.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

sunsolve.sun.com/search/document.donvdPatch
www.securityfocus.com/bid/29088nvdPatch
secunia.com/advisories/30122nvdVendor Advisory
www.securitytracker.com/idnvd
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2008/1457/referencesnvd
exchange.xforce.ibmcloud.com/vulnerabilities/42266nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000