CVE-2001-0591

Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' (dot dot) attack.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oracle:application_server:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jsp:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:35

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2001-02/0239.html - Patch, Vendor Advisory () http://archives.neohapsis.com/archives/bugtraq/2001-02/0239.html - Patch, Vendor Advisory
References () http://www.securityfocus.com/bid/2286 - Patch, Vendor Advisory () http://www.securityfocus.com/bid/2286 - Patch, Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/5986 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/5986 -

Information

Published : 2001-08-22 04:00

Updated : 2024-11-20 23:35


NVD link : CVE-2001-0591

Mitre link : CVE-2001-0591

CVE.ORG link : CVE-2001-0591


JSON object : View

Products Affected

oracle

  • jsp
  • application_server