CVE-2002-1990

Description

Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical path information via a URL request for the example Java class file HelloServlet.

Affected products

• caucho_technology / resin2.0 – 2.0
• caucho_technology / resin2.1.1 – 2.1.1
• caucho_technology / resin2.1.2 – 2.1.2

References

• MISChttp://www.iss.net/security_center/static/9419.php
• MISChttp://www.securityfocus.com/bid/5095
• MISChttp://online.securityfocus.com/archive/1/278747