Resin
Sign in to watchCVEs (26)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2002-1987 | 0.00 | — | 0.00 | Dec 31, 2002 | Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." (backslash dot dot). | ||
| CVE-2002-1988 | 0.00 | — | 0.01 | Dec 31, 2002 | Resin 2.1.1 allows remote attackers to cause a denial of service (memory consumption and hang) via a URL with long variables for non-existent resources. | ||
| CVE-2002-1990 | 0.00 | — | 0.00 | Dec 31, 2002 | Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical path information via a URL request for the example Java class file HelloServlet. | ||
| CVE-2002-1989 | 0.00 | — | 0.01 | Dec 31, 2002 | Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp. | ||
| CVE-2002-2090 | 0.00 | — | 0.00 | Dec 31, 2002 | Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp. | ||
| CVE-2001-0828 | 0.00 | — | 0.01 | Dec 6, 2001 | A cross-site scripting vulnerability in Caucho Technology Resin before 1.2.4 allows a malicious webmaster to embed Javascript in a hyperlink that ends in a .jsp extension, which causes an error message that does not properly quote the Javascript. |
Page 2 of 2