Caucho Technology : Security Vulnerabilities, CVEs, (Denial of service)
Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to cause a denial of service (device hang) and read data from a COM or LPT device via a DOS device name with an arbitrary extension.
Max CVSS
9.4
EPSS Score
3.13%
Published
2007-05-16
Updated
2017-07-29
Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp.
Max CVSS
5.0
EPSS Score
0.19%
Published
2002-12-31
Updated
2008-09-05
Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp.
Max CVSS
5.0
EPSS Score
0.17%
Published
2002-12-31
Updated
2008-09-05
Resin 2.1.1 allows remote attackers to cause a denial of service (memory consumption and hang) via a URL with long variables for non-existent resources.
Max CVSS
5.0
EPSS Score
0.28%
Published
2002-12-31
Updated
2008-09-05
4 vulnerabilities found