CVE-2007-2441

Caucho Resin <3.1.0 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2441. PoCs published by Derek Abdine.

AI-analyzed exploit summary The provided text describes an information disclosure vulnerability in Caucho Resin 3.1.0 on Windows, where improper sanitization of user-supplied data allows access to sensitive information. The example URL demonstrates the issue but does not include functional exploit code.

Description

Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to obtain the system path via certain URLs associated with (1) deploying web applications or (2) displaying .xtp files.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Derek Abdine · textremotewindows

https://www.exploit-db.com/exploits/30037

View Code ZIP pw:eip

The provided text describes an information disclosure vulnerability in Caucho Resin 3.1.0 on Windows, where improper sanitization of user-supplied data allows access to sensitive information. The example URL demonstrates the issue but does not include functional exploit code.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: Caucho Resin 3.1.0

No auth needed

Prerequisites: Caucho Resin 3.1.0 installed on Microsoft Windows

MITRE ATT&CK