Microsoft Internet Explorer Windows 10 1809 17763.316 scripting engine memory corruption exploit.
7d2015c3ac3c61fefec434f05b388f4ccd27c5327a0537ee0a13305ce2eda40cThe Jetty path normalization mechanism suffers of an implementation issue when parsing the request URLs. The path normalization logic implemented in the PathResource class and introduced in Jetty versions 9.3.x can be defeated by requesting malicious URLs containing specific escaped characters. Leveraging on this weakness, a malicious user can gain access to protected resources (e.g. WEB-INF and META-INF folders and their contents) and defeat application filters or other security constraints implemented in the servlet configuration. Versions 9.3.0 through 9.3.8 are affected.
26929157b560ea70de00b08c35d3faa27d7dde2502ff66c5a5de0ac9128cc9bc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed