Описание
Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <> FilePermission.
Ссылки
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:oracle:application_server:release_1.0.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:8.1.7_r3:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01525
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <<ALL FILES>> FilePermission.
EPSS
Процентиль: 81%
0.01525
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other