Directory traversal vulnerability in Oracle JSP 1.0.x up to and including 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote malicious user to read or execute arbitrary .jsp files via a '..' (dot dot) attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle application server 1.0.2 |
||
oracle jsp |