CVE-2001-0926

Published: Nov 28, 2001Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers to obtain source code for Java server pages (.jsp) and other files in the web root via an HTTP request for a non-existent SSI page, in which the request's body has an #include statement.

Affected (3)

Products: Macromedia: Jrun

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Macromedia Jrun	Version 2.3.3
Macromedia Jrun	Version 3.0
Macromedia Jrun	Version 3.1

References (8)

http://marc.info/?l=bugtraq&m=100697797325013&w=2

Source: cve@mitre.org

http://www.macromedia.com/v1/handlers/index.cfm?ID=22261&Method=Full

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/3589

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/7622

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=100697797325013&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.macromedia.com/v1/handlers/index.cfm?ID=22261&Method=Full

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/3589

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/7622

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.