CVE-2008-2403

Name of the Vulnerable Software and Affected Versions: Sun Java Active Server Pages (ASP) Server versions prior to 4.0.3

Description: The issue concerns multiple directory traversal vulnerabilities in unspecified ASP applications. These vulnerabilities allow remote attackers to read or delete arbitrary files by utilizing a .. (dot dot) in the Path parameter to the MapPath method.

Recommendations: For versions prior to 4.0.3, update to version 4.0.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the MapPath method to minimize the risk of exploitation. Avoid using the Path parameter in the affected API endpoint until the issue is resolved.