NuytsTech Security

CVE-2005-4550

by ·

The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00).

Date published : 2005-12-28

http://www.securityfocus.com/bid/16048

http://marc.info/?l=full-disclosure&m=113532633229270&w=2

Tags: