CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2001-0326

Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <<ALL FILES>> FilePermission.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.2%

CVSS Severity

CVSS v2 Score 7.5

References

http://archives.neohapsis.com/archives/bugtraq/2001-02/0255.html
http://www.osvdb.org/5706
https://exchange.xforce.ibmcloud.com/vulnerabilities/6438
http://archives.neohapsis.com/archives/bugtraq/2001-02/0255.html
http://www.osvdb.org/5706
https://exchange.xforce.ibmcloud.com/vulnerabilities/6438

Products affected by CVE-2001-0326

Oracle » Application Server » Version: release_1.0.2.0.1

cpe:2.3:a:oracle:application_server:release_1.0.2.0.1
Oracle » Oracle8i » Version: 8.1.7_r3

cpe:2.3:a:oracle:oracle8i:8.1.7_r3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-0326

Products

Pricing

Contact Us