Vulnerability Description
The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application Server 7.0 through 9.0.0 and Interstage Apworks/Studio 7.0 through 9.0.0 allows remote attackers to obtain sensitive information (web root path) via unspecified vectors that trigger an error message, probably related to enabling the useCanonCaches Java Virtual Machine (JVM) option.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fujitsu | Interstage Application Server | 7.0 |
| Fujitsu | Interstage Apworks | 7.0 |
| Fujitsu | Interstage Studio | 8.01 |
Related Weaknesses (CWE)
References
- http://osvdb.org/41318
- http://secunia.com/advisories/27136Vendor Advisory
- http://www.fujitsu.com/global/support/software/security/products-f/interstage-20
- http://www.securityfocus.com/bid/25988
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37026
- http://osvdb.org/41318
- http://secunia.com/advisories/27136Vendor Advisory
- http://www.fujitsu.com/global/support/software/security/products-f/interstage-20
- http://www.securityfocus.com/bid/25988
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37026
FAQ
What is CVE-2007-5366?
CVE-2007-5366 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application Server 7.0 through 9.0.0 and Interstage Apworks/Studio 7.0 through 9.0.0 allows remote attackers to obtain sensitive information ...
How severe is CVE-2007-5366?
CVE-2007-5366 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5366?
Check the references section above for vendor advisories and patch information. Affected products include: Fujitsu Interstage Application Server, Fujitsu Interstage Apworks, Fujitsu Interstage Studio.