Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1511

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2001-1511
Last Modified 05 Sep 2008 04:26:44
Published 31 Dec 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1511

Summary

JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows remote attackers to read arbitrary JavaServer Pages (JSP) source code via a request URL containing the source filename ending in (1) "jsp%00" or (2) "js%2570".

Vulnerable Systems

Application

  • Macromedia Jrun 3.0

  • Macromedia Jrun 3.1


References

CONFIRM - http://www.macromedia.com/v1/handlers/index.cfm?ID=22288&Method=Full

XF - allaire-jrun-view-jsp-source(7676)


Last Updated: 27 May 2016 10:36:42