What is the severity of CVE-2005-3747?

CVE-2005-3747 is considered a medium severity vulnerability that allows remote attackers to potentially read the source code of JSP pages.

How do I fix CVE-2005-3747?

To address CVE-2005-3747, upgrade your Jetty server to version 5.1.6 or later.

Which versions of Jetty are affected by CVE-2005-3747?

CVE-2005-3747 affects all versions of Jetty prior to 5.1.6.

What type of attack is enabled by CVE-2005-3747?

CVE-2005-3747 allows attackers to exploit the vulnerable Jetty versions to access JSP source code by manipulating requests.

Is CVE-2005-3747 linked to any other vulnerabilities?

Yes, CVE-2005-3747 may be related to CVE-2006-2758, indicating a similar issue.

Vulnerability/
CVE-2005-3747

medium

CWE

200

22/11/2005

1/5/2022

7/8/2024

CVE-2005-3747: Infoleak

First published: Tue Nov 22 2005(Updated: )

Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash ("%5C") characters. NOTE: this might be the same issue as CVE-2006-2758.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
maven/org.mortbay.jetty:jetty	<5.1.6	5.1.6
Eclipse Jetty	=1.0.1
Eclipse Jetty	=4.2.25
Eclipse Jetty	=5.1.3-rc0
Eclipse Jetty	=1.3.1
Eclipse Jetty	=3.0.a3
Eclipse Jetty	=1.3.4
Eclipse Jetty	=4.2.22
Eclipse Jetty	=3.1.8
Eclipse Jetty	=3.0.a0
Eclipse Jetty	=4.2.1
Eclipse Jetty	=2.0.4
Eclipse Jetty	=2.2-beta0
Eclipse Jetty	=2.2.8
Eclipse Jetty	=5.1.2-pre0
Eclipse Jetty	=5.1.5-rc2
Eclipse Jetty	=3.0.a95
Eclipse Jetty	=4.2.9-rc1
Eclipse Jetty	=3.0.0-rc2
Eclipse Jetty	=5.1.2
Eclipse Jetty	=5.0-rc1
Eclipse Jetty	=2.1.1
Eclipse Jetty	=3.0.a97
Eclipse Jetty	=2.0-alpha2
Eclipse Jetty	=3.0.a99
Eclipse Jetty	=4.0.b2
Eclipse Jetty	=2.3.2
Eclipse Jetty	=2.4.9
Eclipse Jetty	=4.0.5
Eclipse Jetty	=4.0.0
Eclipse Jetty	=4.0.d4
Eclipse Jetty	=5.1.4
Eclipse Jetty	=3.0.a6
Eclipse Jetty	=2.1.b1
Eclipse Jetty	=4.1.1
Eclipse Jetty	=2.0-beta1
Eclipse Jetty	=2.3.1
Eclipse Jetty	=3.1-rc2
Eclipse Jetty	=4.2.10-pre2
Eclipse Jetty	=3.0.2
Eclipse Jetty	=5.0-rc3
Eclipse Jetty	=2.3.0a
Eclipse Jetty	=4.2.0-rc0
Eclipse Jetty	=5.1.3-rc1
Eclipse Jetty	=2.4.2
Eclipse Jetty	=5.1.1
Eclipse Jetty	=4.2.16
Eclipse Jetty	=3.0.a7
Eclipse Jetty	=2.1.5
Eclipse Jetty	=2.0.1
Eclipse Jetty	=3.1-rc0
Eclipse Jetty	=3.0.1
Eclipse Jetty	=3.0.a96
Eclipse Jetty	=5.0-alpha2
Eclipse Jetty	=2.3.3
Eclipse Jetty	=3.0.0-rc1
Eclipse Jetty	=2.1.2
Eclipse Jetty	=1.3.3
Eclipse Jetty	=5.1
Eclipse Jetty	=4.0.2
Eclipse Jetty	=4.2.23-rc0
Eclipse Jetty	=3.0.0-rc4
Eclipse Jetty	=3.1.0
Eclipse Jetty	=4.2.12
Eclipse Jetty	=4.2.0-beta0
Eclipse Jetty	=4.2.17
Eclipse Jetty	=2.2.3
Eclipse Jetty	=2.2-alpha1
Eclipse Jetty	=4.1.b0
Eclipse Jetty	=2.4.6
Eclipse Jetty	=2.0-alpha1
Eclipse Jetty	=5.0-beta1
Eclipse Jetty	=4.1.3
Eclipse Jetty	=3.1.5
Eclipse Jetty	=2.3.0
Eclipse Jetty	=4.2.5
Eclipse Jetty	=5.0-alpha1
Eclipse Jetty	=1.1.1
Eclipse Jetty	=2.0.2
Eclipse Jetty	=2.0.0
Eclipse Jetty	=3.0.6
Eclipse Jetty	=3.0.a9
Eclipse Jetty	=4.1.0-rc2
Eclipse Jetty	=3.0.0-rc5
Eclipse Jetty	=4.2.26
Eclipse Jetty	=4.0.d3
Eclipse Jetty	=3.1.2
Eclipse Jetty	=4.0.6
Eclipse Jetty	=1.3.2
Eclipse Jetty	=2.4.4
Eclipse Jetty	=4.2.10-pre0
Eclipse Jetty	=3.1-rc7
Eclipse Jetty	=4.1.0-rc0
Eclipse Jetty	=3.0.b01
Eclipse Jetty	=4.2.21
Eclipse Jetty	=3.0.b02
Eclipse Jetty	=4.2.24
Eclipse Jetty	=2.4.3
Eclipse Jetty	=4.1.d2
Eclipse Jetty	=2.1.6
Eclipse Jetty	=4.2.4
Eclipse Jetty	=5.1.5-rc1
Eclipse Jetty	=3.0.5
Eclipse Jetty	=4.1.0-rc3
Eclipse Jetty	=4.2
Eclipse Jetty	=3.0.a92
Eclipse Jetty	=4.0.3
Eclipse Jetty	=3.0.0-rc6
Eclipse Jetty	=1.3.5
Eclipse Jetty	=3.0.a90
Eclipse Jetty	=5.1.11-rc0
Eclipse Jetty	=4.2.14
Eclipse Jetty	=1.1
Eclipse Jetty	=4.0.1-rc1
Eclipse Jetty	=2.2.6
Eclipse Jetty	=4.2.0-rc1
Eclipse Jetty	=4.2.14-rc0
Eclipse Jetty	=4.1.b1
Eclipse Jetty	=2.2-alpha0
Eclipse Jetty	=2.0-beta2
Eclipse Jetty	=4.2.10
Eclipse Jetty	=2.4.5
Eclipse Jetty	=3.0.a2
Eclipse Jetty	=4.2.24-rc0
Eclipse Jetty	=3.1.6
Eclipse Jetty	=4.1.0
Eclipse Jetty	=4.2.20
Eclipse Jetty	=2.2.2
Eclipse Jetty	=3.1.3
Eclipse Jetty	=3.1-rc4
Eclipse Jetty	=4.0.4
Eclipse Jetty	=2.3.4
Eclipse Jetty	=4.2.9
Eclipse Jetty	=2.2-beta2
Eclipse Jetty	=2.1.4
Eclipse Jetty	=3.0.a91
Eclipse Jetty	=4.2.24-rc1
Eclipse Jetty	=4.0-rc2
Eclipse Jetty	=2.0.5
Eclipse Jetty	=4.0.d0
Eclipse Jetty	=2.2-beta1
Eclipse Jetty	=4.2.14-rc1
Eclipse Jetty	=4.2.23
Eclipse Jetty	=3.0.a4
Eclipse Jetty	=4.2.4-rc0
Eclipse Jetty	=3.0.b05
Eclipse Jetty	=3.1-rc5
Eclipse Jetty	=5.0.0-rc0
Eclipse Jetty	=4.2.6
Eclipse Jetty	=2.2.5
Eclipse Jetty	=5.0-rc2
Eclipse Jetty	=5.0-beta2
Eclipse Jetty	=3.0.0
Eclipse Jetty	=4.0-rc1
Eclipse Jetty	=3.0.a5
Eclipse Jetty	=4.2.8_01
Eclipse Jetty	=3.0.0-rc7
Eclipse Jetty	=3.0.b03
Eclipse Jetty	=4.2.10-pre1
Eclipse Jetty	=2.3.5
Eclipse Jetty	=5.0-alpha3
Eclipse Jetty	=2.1.3
Eclipse Jetty	=5.1.5-rc0
Eclipse Jetty	=4.1.0-rc4
Eclipse Jetty	=4.1.2
Eclipse Jetty	=3.1-rc1
Eclipse Jetty	=4.2.3
Eclipse Jetty	=2.2-beta3
Eclipse Jetty	=4.2.9-rc2
Eclipse Jetty	=5.1.3-rc4
Eclipse Jetty	=3.1.9
Eclipse Jetty	=2.4.0
Eclipse Jetty	=2.2.0
Eclipse Jetty	=1.2.0
Eclipse Jetty	=2.2.7
Eclipse Jetty	=2.2.1
Eclipse Jetty	=4.2.19
Eclipse Jetty	=4.0-rc3
Eclipse Jetty	=4.0.1-rc0
Eclipse Jetty	=3.0
Eclipse Jetty	=3.0.4
Eclipse Jetty	=3.1-rc6
Eclipse Jetty	=4.0.d2
Eclipse Jetty	=5.1.0
Eclipse Jetty	=3.0.a98
Eclipse Jetty	=4.1.0-rc5
Eclipse Jetty	=5.0-beta0
Eclipse Jetty	=4.2.15
Eclipse Jetty	=5.1.3
Eclipse Jetty	=4.1.d1
Eclipse Jetty	=4.0.d1
Eclipse Jetty	=4.1.4
Eclipse Jetty	=1.3.0
Eclipse Jetty	=4.2.7
Eclipse Jetty	=3.0.0-rc8
Eclipse Jetty	=3.1.4
Eclipse Jetty	=2.1.b0
Eclipse Jetty	=2.4.8
Eclipse Jetty	=4.2.11
Eclipse Jetty	=4.2.20-rc0
Eclipse Jetty	=4.1.0-rc6
Eclipse Jetty	=3.0.a94
Eclipse Jetty	=5.0-alpha0
Eclipse Jetty	=4.2.0
Eclipse Jetty	=3.1.1
Eclipse Jetty	=5.1.3-rc3
Eclipse Jetty	=4.1.d0
Eclipse Jetty	=5.1.1-rc0
Eclipse Jetty	=5.0.0
Eclipse Jetty	=3.1-rc3
Eclipse Jetty	=5.1.1-rc1
Eclipse Jetty	=5.1.4-rc0
Eclipse Jetty	=4.0.1
Eclipse Jetty	=5.1.3-rc2
Eclipse Jetty	=2.2.4
Eclipse Jetty	=4.0.b0
Eclipse Jetty	=3.0.a1
Eclipse Jetty	=3.0.3
Eclipse Jetty	=5.0-rc4
Eclipse Jetty	=2.1.7
Eclipse Jetty	=4.2.2
Eclipse Jetty	=3.0.0-rc3
Eclipse Jetty	=3.1-rc9
Eclipse Jetty	=3.0.b04
Eclipse Jetty	=3.0.a8
Eclipse Jetty	=4.2.18
Eclipse Jetty	=4.0.b1
Eclipse Jetty	=3.1.7
Eclipse Jetty	=3.0.a93
Eclipse Jetty	=4.2.27
Eclipse Jetty	=2.1.0
Eclipse Jetty	=2.4.1
Eclipse Jetty	<=5.1.5
Eclipse Jetty	=4.0.1-rc2
Eclipse Jetty	=1.0
Eclipse Jetty	=4.2.15-rc0
Eclipse Jetty	=2.2-beta4
Eclipse Jetty	=2.4.7
Eclipse Jetty	=3.1-rc8
Eclipse Jetty	=4.1.0-rc1
Eclipse Jetty	=2.0.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-3747?
CVE-2005-3747 is considered a medium severity vulnerability that allows remote attackers to potentially read the source code of JSP pages.
How do I fix CVE-2005-3747?
To address CVE-2005-3747, upgrade your Jetty server to version 5.1.6 or later.
Which versions of Jetty are affected by CVE-2005-3747?
CVE-2005-3747 affects all versions of Jetty prior to 5.1.6.
What type of attack is enabled by CVE-2005-3747?
CVE-2005-3747 allows attackers to exploit the vulnerable Jetty versions to access JSP source code by manipulating requests.
Is CVE-2005-3747 linked to any other vulnerabilities?
Yes, CVE-2005-3747 may be related to CVE-2006-2758, indicating a similar issue.

collector/github-advisory-latest
alias/GHSA-cwq3-qp8v-w8q3
alias/CVE-2005-3747
collector/github-advisory
agent/author
agent/type
agent/references
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/last-modified-date
agent/remedy
agent/first-publish-date
agent/description
agent/event
agent/trending
agent/softwarecombine
agent/source
agent/tags
collector/nvd-historical
vendor/mortbay
product/jetty
canonical/mortbay jetty
agent/software-canonical-lookup-request
collector/nvd-cve
collector/nvd-index
package-manager/maven
version/mortbay jetty/1.0.1
version/mortbay jetty/4.2.25
version/mortbay jetty/5.1.3-rc0
version/mortbay jetty/1.3.1
version/mortbay jetty/3.0.a3
version/mortbay jetty/1.3.4
version/mortbay jetty/4.2.22
version/mortbay jetty/3.1.8
version/mortbay jetty/3.0.a0
version/mortbay jetty/4.2.1
version/mortbay jetty/2.0.4
version/mortbay jetty/2.2-beta0
version/mortbay jetty/2.2.8
version/mortbay jetty/5.1.2-pre0
version/mortbay jetty/5.1.5-rc2
version/mortbay jetty/3.0.a95
version/mortbay jetty/4.2.9-rc1
version/mortbay jetty/3.0.0-rc2
version/mortbay jetty/5.1.2
version/mortbay jetty/5.0-rc1
version/mortbay jetty/2.1.1
version/mortbay jetty/3.0.a97
version/mortbay jetty/2.0-alpha2
version/mortbay jetty/3.0.a99
version/mortbay jetty/4.0.b2
version/mortbay jetty/2.3.2
version/mortbay jetty/2.4.9
version/mortbay jetty/4.0.5
version/mortbay jetty/4.0.0
version/mortbay jetty/4.0.d4
version/mortbay jetty/5.1.4
version/mortbay jetty/3.0.a6
version/mortbay jetty/2.1.b1
version/mortbay jetty/4.1.1
version/mortbay jetty/2.0-beta1
version/mortbay jetty/2.3.1
version/mortbay jetty/3.1-rc2
version/mortbay jetty/4.2.10-pre2
version/mortbay jetty/3.0.2
version/mortbay jetty/5.0-rc3
version/mortbay jetty/2.3.0a
version/mortbay jetty/4.2.0-rc0
version/mortbay jetty/5.1.3-rc1
version/mortbay jetty/2.4.2
version/mortbay jetty/5.1.1
version/mortbay jetty/4.2.16
version/mortbay jetty/3.0.a7
version/mortbay jetty/2.1.5
version/mortbay jetty/2.0.1
version/mortbay jetty/3.1-rc0
version/mortbay jetty/3.0.1
version/mortbay jetty/3.0.a96
version/mortbay jetty/5.0-alpha2
version/mortbay jetty/2.3.3
version/mortbay jetty/3.0.0-rc1
version/mortbay jetty/2.1.2
version/mortbay jetty/1.3.3
version/mortbay jetty/5.1
version/mortbay jetty/4.0.2
version/mortbay jetty/4.2.23-rc0
version/mortbay jetty/3.0.0-rc4
version/mortbay jetty/3.1.0
version/mortbay jetty/4.2.12
version/mortbay jetty/4.2.0-beta0
version/mortbay jetty/4.2.17
version/mortbay jetty/2.2.3
version/mortbay jetty/2.2-alpha1
version/mortbay jetty/4.1.b0
version/mortbay jetty/2.4.6
version/mortbay jetty/2.0-alpha1
version/mortbay jetty/5.0-beta1
version/mortbay jetty/4.1.3
version/mortbay jetty/3.1.5
version/mortbay jetty/2.3.0
version/mortbay jetty/4.2.5
version/mortbay jetty/5.0-alpha1
version/mortbay jetty/1.1.1
version/mortbay jetty/2.0.2
version/mortbay jetty/2.0.0
version/mortbay jetty/3.0.6
version/mortbay jetty/3.0.a9
version/mortbay jetty/4.1.0-rc2
version/mortbay jetty/3.0.0-rc5
version/mortbay jetty/4.2.26
version/mortbay jetty/4.0.d3
version/mortbay jetty/3.1.2
version/mortbay jetty/4.0.6
version/mortbay jetty/1.3.2
version/mortbay jetty/2.4.4
version/mortbay jetty/4.2.10-pre0
version/mortbay jetty/3.1-rc7
version/mortbay jetty/4.1.0-rc0
version/mortbay jetty/3.0.b01
version/mortbay jetty/4.2.21
version/mortbay jetty/3.0.b02
version/mortbay jetty/4.2.24
version/mortbay jetty/2.4.3
version/mortbay jetty/4.1.d2
version/mortbay jetty/2.1.6
version/mortbay jetty/4.2.4
version/mortbay jetty/5.1.5-rc1
version/mortbay jetty/3.0.5
version/mortbay jetty/4.1.0-rc3
version/mortbay jetty/4.2
version/mortbay jetty/3.0.a92
version/mortbay jetty/4.0.3
version/mortbay jetty/3.0.0-rc6
version/mortbay jetty/1.3.5
version/mortbay jetty/3.0.a90
version/mortbay jetty/5.1.11-rc0
version/mortbay jetty/4.2.14
version/mortbay jetty/1.1
version/mortbay jetty/4.0.1-rc1
version/mortbay jetty/2.2.6
version/mortbay jetty/4.2.0-rc1
version/mortbay jetty/4.2.14-rc0
version/mortbay jetty/4.1.b1
version/mortbay jetty/2.2-alpha0
version/mortbay jetty/2.0-beta2
version/mortbay jetty/4.2.10
version/mortbay jetty/2.4.5
version/mortbay jetty/3.0.a2
version/mortbay jetty/4.2.24-rc0
version/mortbay jetty/3.1.6
version/mortbay jetty/4.1.0
version/mortbay jetty/4.2.20
version/mortbay jetty/2.2.2
version/mortbay jetty/3.1.3
version/mortbay jetty/3.1-rc4
version/mortbay jetty/4.0.4
version/mortbay jetty/2.3.4
version/mortbay jetty/4.2.9
version/mortbay jetty/2.2-beta2
version/mortbay jetty/2.1.4
version/mortbay jetty/3.0.a91
version/mortbay jetty/4.2.24-rc1
version/mortbay jetty/4.0-rc2
version/mortbay jetty/2.0.5
version/mortbay jetty/4.0.d0
version/mortbay jetty/2.2-beta1
version/mortbay jetty/4.2.14-rc1
version/mortbay jetty/4.2.23
version/mortbay jetty/3.0.a4
version/mortbay jetty/4.2.4-rc0
version/mortbay jetty/3.0.b05
version/mortbay jetty/3.1-rc5
version/mortbay jetty/5.0.0-rc0
version/mortbay jetty/4.2.6
version/mortbay jetty/2.2.5
version/mortbay jetty/5.0-rc2
version/mortbay jetty/5.0-beta2
version/mortbay jetty/3.0.0
version/mortbay jetty/4.0-rc1
version/mortbay jetty/3.0.a5
version/mortbay jetty/4.2.8_01
version/mortbay jetty/3.0.0-rc7
version/mortbay jetty/3.0.b03
version/mortbay jetty/4.2.10-pre1
version/mortbay jetty/2.3.5
version/mortbay jetty/5.0-alpha3
version/mortbay jetty/2.1.3
version/mortbay jetty/5.1.5-rc0
version/mortbay jetty/4.1.0-rc4
version/mortbay jetty/4.1.2
version/mortbay jetty/3.1-rc1
version/mortbay jetty/4.2.3
version/mortbay jetty/2.2-beta3
version/mortbay jetty/4.2.9-rc2
version/mortbay jetty/5.1.3-rc4
version/mortbay jetty/3.1.9
version/mortbay jetty/2.4.0
version/mortbay jetty/2.2.0
version/mortbay jetty/1.2.0
version/mortbay jetty/2.2.7
version/mortbay jetty/2.2.1
version/mortbay jetty/4.2.19
version/mortbay jetty/4.0-rc3
version/mortbay jetty/4.0.1-rc0
version/mortbay jetty/3.0
version/mortbay jetty/3.0.4
version/mortbay jetty/3.1-rc6
version/mortbay jetty/4.0.d2
version/mortbay jetty/5.1.0
version/mortbay jetty/3.0.a98
version/mortbay jetty/4.1.0-rc5
version/mortbay jetty/5.0-beta0
version/mortbay jetty/4.2.15
version/mortbay jetty/5.1.3
version/mortbay jetty/4.1.d1
version/mortbay jetty/4.0.d1
version/mortbay jetty/4.1.4
version/mortbay jetty/1.3.0
version/mortbay jetty/4.2.7
version/mortbay jetty/3.0.0-rc8
version/mortbay jetty/3.1.4
version/mortbay jetty/2.1.b0
version/mortbay jetty/2.4.8
version/mortbay jetty/4.2.11
version/mortbay jetty/4.2.20-rc0
version/mortbay jetty/4.1.0-rc6
version/mortbay jetty/3.0.a94
version/mortbay jetty/5.0-alpha0
version/mortbay jetty/4.2.0
version/mortbay jetty/3.1.1
version/mortbay jetty/5.1.3-rc3
version/mortbay jetty/4.1.d0
version/mortbay jetty/5.1.1-rc0
version/mortbay jetty/5.0.0
version/mortbay jetty/3.1-rc3
version/mortbay jetty/5.1.1-rc1
version/mortbay jetty/5.1.4-rc0
version/mortbay jetty/4.0.1
version/mortbay jetty/5.1.3-rc2
version/mortbay jetty/2.2.4
version/mortbay jetty/4.0.b0
version/mortbay jetty/3.0.a1
version/mortbay jetty/3.0.3
version/mortbay jetty/5.0-rc4
version/mortbay jetty/2.1.7
version/mortbay jetty/4.2.2
version/mortbay jetty/3.0.0-rc3
version/mortbay jetty/3.1-rc9
version/mortbay jetty/3.0.b04
version/mortbay jetty/3.0.a8
version/mortbay jetty/4.2.18
version/mortbay jetty/4.0.b1
version/mortbay jetty/3.1.7
version/mortbay jetty/3.0.a93
version/mortbay jetty/4.2.27
version/mortbay jetty/2.1.0
version/mortbay jetty/2.4.1
version/mortbay jetty/5.1.5
version/mortbay jetty/4.0.1-rc2
version/mortbay jetty/1.0
version/mortbay jetty/4.2.15-rc0
version/mortbay jetty/2.2-beta4
version/mortbay jetty/2.4.7
version/mortbay jetty/3.1-rc8
version/mortbay jetty/4.1.0-rc1
version/mortbay jetty/2.0.3

CVE-2005-3747: Infoleak

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-3747?

How do I fix CVE-2005-3747?

Which versions of Jetty are affected by CVE-2005-3747?

What type of attack is enabled by CVE-2005-3747?

Is CVE-2005-3747 linked to any other vulnerabilities?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2005-3747?

How do I fix CVE-2005-3747?

Which versions of Jetty are affected by CVE-2005-3747?

What type of attack is enabled by CVE-2005-3747?

Is CVE-2005-3747 linked to any other vulnerabilities?