Vulnerability Description
The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sun | Java System Web Server | 1.1.2 |
References
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/197&type=0&PatchVendor Advisory
- http://www.securityfocus.com/bid/1600
- http://www.securityfocus.com/templates/advisory.html?id=2542ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5135
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/197&type=0&PatchVendor Advisory
- http://www.securityfocus.com/bid/1600
- http://www.securityfocus.com/templates/advisory.html?id=2542ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5135
FAQ
What is CVE-2000-0812?
CVE-2000-0812 is a vulnerability with a CVSS score of 10.0 (HIGH). The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServ...
How severe is CVE-2000-0812?
CVE-2000-0812 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-0812?
Check the references section above for vendor advisories and patch information. Affected products include: Sun Java System Web Server.