CVE-2002-1025

2003-04-0205:00:00

mitre

www.cve.org

AI Score

6.8

Confidence

Low

EPSS

0.007

Percentile

79.9%

JSON

JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.

References

archives.neohapsis.com/archives/vulnwatch/2002-q2/0138.html

online.securityfocus.com/archive/1/280062

www.iss.net/security_center/static/9459.php

www.macromedia.com/v1/handlers/index.cfm?ID=23164

www.osvdb.org/5028

www.securityfocus.com/bid/5134