CVE-2007-2440

Directory traversal vulnerability in Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to read certain files via a .. (dot dot) in a URI containing a "web-inf" sequence.

Date published : 2007-05-16

http://www.securityfocus.com/bid/23985

http://www.caucho.com/resin-3.1/changes/changes.xtp