← back
CVE-2001-1510

CVE-2001-1510

EPSS 2.5%
Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://online.securityfocus.com/archive/1/242843/2002-07-27/2002-08-02/2http://online.securityfocus.com/archive/1/243203http://www.iss.net/security_center/static/7623.phphttp://www.macromedia.com/v1/handlers/index.cfm?ID=22262&Method=Fullhttp://www.securityfocus.com/archive/1/243636http://www.securityfocus.com/bid/3592