CVE-2009-1873

CVE Database · CVE-2009-1873

CVE-2009-1873

· N/AModified

CVSS v3.1

N/A

EPSS

4.70%

Published

Aug 18, 2009

Modified

Apr 22, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBAdobe JRun 4 - 'logfile' (Authenticated) Directory Traversal TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun Application Server 4 Updater 7 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the logfile parameter.

Weaknesses (CWE)

CWE-22

Affected Products (2)

adobe · jrunvulnerable

References (10)

http://osvdb.org/57186

http://www.adobe.com/support/security/bulletins/apsb09-12.html

PatchVendor Advisory

http://www.dsecrg.com/pages/vul/show.php?id=152

Exploit

http://www.securityfocus.com/archive/1/505808/100/0/threaded

https://www.exploit-db.com/exploits/9443