5
CVE-2002-1025
- EPSS 2.01%
- Veröffentlicht 04.10.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:58:35
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.01% | 0.783 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://www.macromedia.com/v1/handlers/index.cfm?ID=23164
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0138.html
http://online.securityfocus.com/archive/1/280062
http://www.iss.net/security_center/static/9459.php
http://www.osvdb.org/5028
http://www.securityfocus.com/bid/5134