3 matches found
Oracle JSP Apache/Jserv Path Translation Arbitrary JSP File Execution
Detects Vulnerability in the execution of JSPs outside docroot. A potential security vulnerability has been discovered in Oracle JSP releases 1.0.x through 1.1.1 in Apache/Jserv. This vulnerability permits access to and execution of unintended JSP files outside the docroot in Apache/Jserv. For...
CVE-2001-0591
Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' dot dot attack...
Oracle JSP/SQLJSP handlers allow viewing files and executing JSP outside the web root
Georgi Guninski security advisory 36, 2001 Oracle JSP/SQLJSP handlers allow viewing files and executing JSP outside the web root Systems affected: Oracle JSP/SQLJSP handlers, installed by default Oracle 8.1.7 Windows 2000 Have not tested on other versions but they may be vulnerable Risk: High Dat...