PT-2003-2474 · Seagull Software Systems · J Walk

Published

2003-12-31

Updated

2017-07-29

CVE-2003-1529

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Seagull Software Systems J Walk application server versions 3.2C9 through 3.3c4

Description The issue allows remote attackers to read arbitrary files via a ".%252e" (encoded dot dot) in the URL. This is a directory traversal vulnerability.

Recommendations For versions 3.2C9 through 3.3c4, update to version 3.3c4 or later to resolve the issue.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2003-1529

Affected Products

J Walk

PT-2003-2474 · Seagull Software Systems · J Walk

CVE-2003-1529

Weakness Enumeration

Related Identifiers

Affected Products

References · 8