Unrated severityNVD Advisory· Published Jun 4, 2008· Updated Jun 16, 2026
CVE-2008-2405
CVE-2008-2405
Description
Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications.
Affected products
4cpe:2.3:a:sun:java_active_server_pages:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:sun:java_active_server_pages:*:*:*:*:*:*:*:*range: <=4.0.2
- cpe:2.3:a:sun:java_active_server_pages:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_active_server_pages:4.0.1:*:*:*:*:*:*:*
- (no CPE)range: <4.0.3
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.