CVE-2006-0819

Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source code of JSP files via (1) dot, (2) space, (3) slash, or (4) NULL characters in the filename extension of an HTTP request.

Date published : 2006-03-13

http://www.securityfocus.com/bid/17123

http://www.securityfocus.com/archive/1/427478/100/0/threaded