- EPSS 1.24%
- Veröffentlicht 31.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:00:26
Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp.
- EPSS 1.57%
- Veröffentlicht 31.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:00:26
Resin 2.1.1 allows remote attackers to cause a denial of service (memory consumption and hang) via a URL with long variables for non-existent resources.
- EPSS 2.55%
- Veröffentlicht 31.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:00:26
Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." (backslash dot dot).
CVE-2001-0828
- EPSS 2.77%
- Veröffentlicht 06.12.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:55:02
A cross-site scripting vulnerability in Caucho Technology Resin before 1.2.4 allows a malicious webmaster to embed Javascript in a hyperlink that ends in a .jsp extension, which causes an error message that does not properly quote the Javascript.
- EPSS 2.84%
- Veröffentlicht 18.06.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:54:14
Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request.
- EPSS 3.13%
- Veröffentlicht 03.05.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:54:03
Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a "\.." (dot dot) in a URL request.
- EPSS 2.87%
- Veröffentlicht 23.11.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:53:25
Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others.