|
|
Jetty Dump Servlet Cross Site Scripting Vulnerability
|
Bugtraq ID:
|
26697
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2007-5613
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Dec 04 2007 12:00AM
|
|
Updated:
|
Feb 18 2009 11:08PM
|
|
Credit:
|
Tomasz Kuczynski is credited with the discovery of this vulnerability.
|
|
Vulnerable:
|
S.u.S.E. SUSE Linux Enterprise Server 10 SP2
RedHat Fedora 9 0
RedHat Fedora 8 0
Jetty Jetty 6.0.2
Jetty Jetty 6.0.1
Jetty Jetty 6.1.5
Jetty Jetty 6.1.4
Jetty Jetty 6.1.3
Jetty Jetty 6.1.2
Jetty Jetty 6.1.1
Jetty Jetty 6.1.0pre3
Jetty Jetty 6.1.0pre2
|
|
|
|
Not Vulnerable:
|
Jetty Jetty 6.1.6
|
|
|
