CVE-2007-5366

high

Description

The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application Server 7.0 through 9.0.0 and Interstage Apworks/Studio 7.0 through 9.0.0 allows remote attackers to obtain sensitive information (web root path) via unspecified vectors that trigger an error message, probably related to enabling the useCanonCaches Java Virtual Machine (JVM) option.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/37026

http://www.securityfocus.com/bid/25988

http://www.fujitsu.com/global/support/software/security/products-f/interstage-200705e.html

http://secunia.com/advisories/27136

http://osvdb.org/41318

Details

Source: Mitre, NVD

Published: 2007-10-11

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00192