CVE-2000-1224

Name of the Vulnerable Software and Affected Versions Caucho Technology Resin version 1.2 and earlier

Description The issue allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name. These characters include "..", "%2e..", "%81", "%82", and others.

Recommendations For Caucho Technology Resin version 1.2 and earlier, consider restricting access to .jsp files to prevent viewing of JSP source code until a fix is available. As a temporary workaround, avoid using special characters in file names to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.