CVE-2001-1511

3 documents3 sources
Severity
5.0MEDIUM
EPSS
0.6%
top 30.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Macromedia Jrun
Timeline
PublishedDec 31
Latest updateApr 30

Description

JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows remote attackers to read arbitrary JavaServer Pages (JSP) source code via a request URL containing the source filename ending in (1) "jsp%00" or (2) "js%2570".

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDmacromedia/jrun3.0, 3.1+1

Patches

Patch: www.iss.netPatch: www.macromedia.comPatch: www.iss.net

🔴Vulnerability Details

2
GHSA
GHSA-qx2c-75c5-72ff: JRun 32022-04-30
CVEList
CVE-2001-1511: JRun 32005-07-14
CVE-2001-1511 (MEDIUM CVSS 5) | JRun 3.0 and 3.1 running on JRun We | cvebase.io