CVE-2007-0412
BEA WebLogic Server versions 6.1–6.1 SP7, 7.0–7.0 SP7, and 8.1–8.1 SP5 allow remote attackers to read arbitrary files inside the class-path by crafting .ear or exploded .ear archives that use the manifest-class-path to point to utility JARs. Root cause is misinterpretation of manifest-class-path ...