CVE Vulnerabilities

CVE-2000-0629

Published: Jul 12, 2000 | Modified: Sep 10, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet.

Affected Software

Name Vendor Start Version End Version
Java_system_web_server Sun 1.1.3 1.1.3
Java_system_web_server Sun 2.0 2.0

References