Published: 30/06/2003 Updated: 02/02/2024

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Sun ONE Application Server 7.0 for Windows 2000/XP allows remote malicious users to obtain JSP source code via a request that uses the uppercase ".JSP" extension instead of the lowercase .jsp extension.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle sun_one_application_server 7.0

source: wwwsecurityfocuscom/bid/7709/info Sun ONE Application Server is prone to a source code disclosure vulnerability This issue is due to handling of case in requests for resources By changing the case of a file extension, the server may fail to interpret the script and instead serve it as a normal web resource This issue exists fo ...

CWE-178 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F55221&zone_32=category%3Asecurity http://www.ciac.org/ciac/bulletins/n-103.shtml http://www.iss.net/security_center/static/12093.php http://www.securityfocus.com/bid/7709 http://www.spidynamics.com/sunone_alert.html http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000610.1-1 http://marc.info/?l=bugtraq&m=105409846029475&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/22664/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0411

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect