Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device.
Score: 1.5
Priority: P4 - Informational (Low)
Score: 0.01583
Percentile:
0.80799
CVSS v2 Score: 5.0
Severity: