Summary
There is a bug in the Weblogic web application. Namely, by inserting a /ConsoleHelp/ into a URL, critical source code files may be viewed.
Solution
http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA02-03.jsp
Severity
Classification
-
CVE CVE-2000-0682 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Aardvark Topsites <= 4.2.2 Remote File Inclusion Vulnerability
- Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities
- @Mail 'MailType' Parameter Cross Site Scripting Vulnerability
- Apache Tomcat NIO Connector Denial of Service Vulnerability
- aeNovo Database Content Disclosure Vulnerability