Lucene search

[email protected]NVD:CVE-2001-0926

HistoryNov 28, 2001 - 5:00 a.m.

CVE-2001-0926

2001-11-2805:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.004

Percentile

72.2%

JSON

SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers to obtain source code for Java server pages (.jsp) and other files in the web root via an HTTP request for a non-existent SSI page, in which the request’s body has an #include statement.

Affected configurations

Nvd

Node

macromediajrunMatch2.3.3

macromediajrunMatch3.0

macromediajrunMatch3.1

VendorProductVersionCPE
macromediajrun2.3.3cpe:2.3:a:macromedia:jrun:2.3.3:*:*:*:*:*:*:*
macromediajrun3.0cpe:2.3:a:macromedia:jrun:3.0:*:*:*:*:*:*:*
macromediajrun3.1cpe:2.3:a:macromedia:jrun:3.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
macromedia	jrun	2.3.3	cpe:2.3:a:macromedia:jrun:2.3.3:::::::*
macromedia	jrun	3.0	cpe:2.3:a:macromedia:jrun:3.0:::::::*
macromedia	jrun	3.1	cpe:2.3:a:macromedia:jrun:3.1:::::::*

References

marc.info/?l=bugtraq&m=100697797325013&w=2

www.macromedia.com/v1/handlers/index.cfm?ID=22261&Method=Full

www.securityfocus.com/bid/3589

exchange.xforce.ibmcloud.com/vulnerabilities/7622

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.004

Percentile

72.2%

JSON

Related for NVD:CVE-2001-0926

cvelist1 cve1