Oracle Application Server Other Vulnerability - CVE-2002-1858
Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 through 9.0.2.0.1 when running on Windows allows remote attackers to retrieve files in the WEB-INF directory which contains Java class files and configuration information via a request to the WEB-INF directory with a trailing dot (quotWEB-INF.quot).