Описание
Sun ONE Application Server 7.0 for Windows 2000/XP allows remote attackers to obtain JSP source code via a request that uses the uppercase ".JSP" extension instead of the lowercase .jsp extension.
Ссылки
- ExploitMailing List
- Broken LinkPatchVendor Advisory
- Broken Link
- Broken LinkPatchVendor Advisory
- Broken LinkPatchVendor Advisory
- Broken LinkExploitPatchThird Party AdvisoryVDB EntryVendor Advisory
- Broken Link
- ExploitMailing List
- Broken LinkPatchVendor Advisory
- Broken Link
- Broken LinkPatchVendor Advisory
- Broken LinkPatchVendor Advisory
- Broken LinkExploitPatchThird Party AdvisoryVDB EntryVendor Advisory
- Broken Link
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:oracle:sun_one_application_server:7.0:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.10053
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-178
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Sun ONE Application Server 7.0 for Windows 2000/XP allows remote attackers to obtain JSP source code via a request that uses the uppercase ".JSP" extension instead of the lowercase .jsp extension.
EPSS
Процентиль: 93%
0.10053
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-178