cpe:/a:sun:java_active_server:4.0.2 CVE-2008-2401 2008-06-04T16:32:00.000-04:00 2017-08-07T21:31:00.967-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-06-05T11:17:00.000-04:00 ALLOWS_OTHER_ACCESS SECTRACK 1020186 IDEFENSE 20080603 Sun Java System Active Server Pages File Creation Vulnerability SUNALERT 238184 SECUNIA 30523 VUPEN ADV-2008-1742 IAVM IAVM:2008-A-0038 XF sunjava-file-creation-code-execution(42832) The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to append to arbitrary new or existing files via the first argument to a certain file that is included by multiple unspecified ASP applications.