CVE-2002-1025

Published: Apr 2, 2003

Modified: Aug 8, 2024

PUBLISHED

Description

JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.macromedia.com/v1/handlers/index.cfm?ID=23164

x_refsource_CONFIRM

5028

vdb-entry

x_refsource_OSVDB

5134

vdb-entry

x_refsource_BID

20020701 KPMG-2002026: Jrun sourcecode Disclosure

mailing-list

x_refsource_BUGTRAQ

20020701 [VulnWatch] KPMG-2002026: Jrun sourcecode Disclosure

mailing-list

x_refsource_VULNWATCH

jrun-null-view-source(9459)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2002-1025

Description

Affected Products

References