Описание
Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL.
Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2001-1510
- http://online.securityfocus.com/archive/1/242843/2002-07-27/2002-08-02/2
- http://online.securityfocus.com/archive/1/243203
- http://www.iss.net/security_center/static/7623.php
- http://www.macromedia.com/v1/handlers/index.cfm?ID=22262&Method=Full
- http://www.securityfocus.com/archive/1/243636
- http://www.securityfocus.com/bid/3592
EPSS
CVE ID
Связанные уязвимости
Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL.
EPSS