You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 allows remote attackers to access arbitrary files via directory traversal sequences in the URI.
CVE-2009-1523 - Medium Severity Vulnerability
Vulnerable Libraries - jetty-util-6.1.7.jar, jetty-6.1.7.jar
jetty-util-6.1.7.jar
Utility classes for Jetty
path: null
Library home page: http://jetty.mortbay.org
Dependency Hierarchy:
jetty-6.1.7.jar
Jetty server core
path: null
Library home page: http://jetty.mortbay.org
Dependency Hierarchy:
Vulnerability Details
Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 allows remote attackers to access arbitrary files via directory traversal sequences in the URI.
Publish Date: 2009-05-05
URL: CVE-2009-1523
CVSS 2 Score Details (5.0)
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: http://www.securitytracker.com/id?1022563
Release Date: 2017-12-31
Fix Resolution: The vendor has issued a fix, described in their July 2009 Critical Patch Update advisory.
The Oracle advisory is available at:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2009.html
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: