Описание
JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.
JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2002-1025
- http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0138.html
- http://online.securityfocus.com/archive/1/280062
- http://www.iss.net/security_center/static/9459.php
- http://www.macromedia.com/v1/handlers/index.cfm?ID=23164
- http://www.osvdb.org/5028
- http://www.securityfocus.com/bid/5134
EPSS
Процентиль: 73%
0.00773
Низкий
CVE ID
Связанные уязвимости
nvd
почти 23 года назад
JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.
EPSS
Процентиль: 73%
0.00773
Низкий