Oracle Application Server Other Vulnerability - CVE-2002-1858 - Vulnerability Database

Oracle Application Server Other Vulnerability - CVE-2002-1858

Medium

Reference: CVE-2002-1858

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2002-1858

Title: Oracle Application Server Other Vulnerability

Overview:

Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 through 9.0.2.0.1 when running on Windows allows remote attackers to retrieve files in the WEB-INF directory which contains Java class files and configuration information via a request to the WEB-INF directory with a trailing dot (quotWEB-INF.quot).