CVE-2001-0326
First published: Thu May 03 2001(Updated: )
Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <<ALL FILES>> FilePermission.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle Application Server | =release_1.0.2.0.1 | |
| Oracle Oracle8i | =8.1.7_r3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/oracle
- canonical/oracle application server
- version/oracle application server/release_1.0.2.0.1
- canonical/oracle oracle8i
- version/oracle oracle8i/8.1.7_r3