CVE-2001-1510

2001-12-31T05:00:00
ID CVE-2001-1510
Type cve
Reporter cve@mitre.org
Modified 2008-09-05T20:26:00

Description

Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL.