CVE-2001-0926
First published: Wed Nov 28 2001(Updated: )
SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers to obtain source code for Java server pages (.jsp) and other files in the web root via an HTTP request for a non-existent SSI page, in which the request's body has an #include statement.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Macromedia JRun | =3.1 | |
| Macromedia JRun | =2.3.3 | |
| Macromedia JRun | =3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/macromedia
- canonical/macromedia jrun
- version/macromedia jrun/3.1
- version/macromedia jrun/2.3.3
- version/macromedia jrun/3.0