VULHUB ™

An issue has been discovered in Sybase Enterprise Application Server, Oracle9i Application Server with OC4J, Orion Server, Macromedia/Allaire JRun, HP Application Server, Pramati Application Server and jo! Webserver. Submitting a malformed request for the restricted WEB-INF directory will reveal highly sensitive system content to remote users. Obtaining information within this directory could result in the disclosure of highly sensitive data that could be used to leverage further attacks against the host.

An issue has been discovered in Sybase Enterprise Application Server, Oracle9i Application Server with OC4J, Orion Server, Macromedia/Allaire JRun, HP Application Server, Pramati Application Server and jo! Webserver. Submitting a malformed request for the restricted WEB-INF directory will reveal highly sensitive system content to remote users. Obtaining information within this directory could result in the disclosure of highly sensitive data that could be used to leverage further attacks against the host.