CVE-2007-2441

Published: May 16, 2007Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to obtain the system path via certain URLs associated with (1) deploying web applications or (2) displaying .xtp files.

Affected (2)

Products: Caucho Technology: Resin

Caucho Technology

1 product

Resin

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Caucho Technology Resin	Up to 3.1.0
Caucho Technology Resin	Up to 3.1.0

References (16)

http://osvdb.org/36057

Source: cve@mitre.org

http://secunia.com/advisories/25286

Source: cve@mitre.org

PatchVendor Advisory

http://www.caucho.com/resin-3.1/changes/changes.xtp

Source: cve@mitre.org

Patch

http://www.rapid7.com/advisories/R7-0030.jsp

Source: cve@mitre.org

Patch

http://www.securityfocus.com/bid/23985

Source: cve@mitre.org

http://www.securitytracker.com/id?1018061

Source: cve@mitre.org

Patch

http://www.vupen.com/english/advisories/2007/1824

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/34293

Source: cve@mitre.org

http://osvdb.org/36057