Lucene search

MitreCVE-2001-1510

HistoryJul 14, 2005 - 4:00 a.m.

CVE-2001-1510

2005-07-1404:00:00

mitre

web.nvd.nist.gov

allaire jrun

cve-2001-1510

iis 4.0/5.0

iplanet

apache

jrun

nvd

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

0.012

Percentile

85.7%

JSON

Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) “%3f.jsp”, (2) “?.jsp” or (3) “?” to the requested URL.

Affected configurations

Nvd

Node

macromediajrunMatch2.3.3

macromediajrunMatch3.0

macromediajrunMatch3.1

VendorProductVersionCPE
macromediajrun2.3.3cpe:2.3:a:macromedia:jrun:2.3.3:*:*:*:*:*:*:*
macromediajrun3.0cpe:2.3:a:macromedia:jrun:3.0:*:*:*:*:*:*:*
macromediajrun3.1cpe:2.3:a:macromedia:jrun:3.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
macromedia	jrun	2.3.3	cpe:2.3:a:macromedia:jrun:2.3.3:::::::*
macromedia	jrun	3.0	cpe:2.3:a:macromedia:jrun:3.0:::::::*
macromedia	jrun	3.1	cpe:2.3:a:macromedia:jrun:3.1:::::::*

References

online.securityfocus.com/archive/1/242843/2002-07-27/2002-08-02/2

online.securityfocus.com/archive/1/243203

www.iss.net/security_center/static/7623.php

www.macromedia.com/v1/handlers/index.cfm?ID=22262&Method=Full

www.securityfocus.com/archive/1/243636

www.securityfocus.com/bid/3592

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

0.012

Percentile

85.7%

JSON

Related for CVE-2001-1510