CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2008-2405

HIGH
7.5
CVSS Severity Score
EPSS Score0.0280%
EPSS Percentile39.88th
Published2008年6月4日
Last Modified2026年4月23日

Vulnerability Description

Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications.

Affected Platforms (CPE)

📦
Sun

Java Active Server Pages

<= 4.0.2
📦
Sun

Java Active Server Pages

= 4.0.0
📦
Sun

Java Active Server Pages

= 4.0.1

References & Advisories

🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=709
🔗 http://secunia.com/advisories/30523
🔗 http://sunsolve.sun.com/search/document.do?assetkey=1-66-238184-1
🔗 http://www.securitytracker.com/id?1020190
🔗 http://www.vupen.com/english/advisories/2008/1742/references
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/42829
🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=709
🔗 http://secunia.com/advisories/30523

相關漏洞威脅

CVE-2008-240310.0

Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4...

CVE-2008-240410.0

Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow...

CVE-2008-24017.5

The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to append to arbitrary new or e...

CVE-2008-24067.5

The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass ...