Unrated severityNVD Advisory· Published Feb 6, 2002· Updated Jun 16, 2026
CVE-2001-1372
CVE-2001-1372
Description
Oracle 9i Application Server 1.0.2 allows remote attackers to obtain the physical path of a file under the server root via a request for a non-existent .JSP file, which leaks the pathname in an error message.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:oracle:application_server:1.0.2:*:*:*:*:*:*:*
- Range: 1.0.2
Patches
Vulnerability mechanics
References
8- www.securityfocus.com/bid/3341nvdExploitPatchVendor Advisory
- www.cert.org/advisories/CA-2002-08.htmlnvdThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/278971nvdUS Government Resource
- marc.infonvd
- marc.infonvd
- otn.oracle.com/deploy/security/pdf/jspexecute_alert.pdfnvd
- www.nii.co.in/research.htmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/7135nvd
News mentions
0No linked articles in our index yet.