CVE-2003-0411

Name of the Vulnerable Software and Affected Versions: Sun ONE Application Server version 7.0

Description: The issue allows remote attackers to obtain JSP source code via a request that uses the uppercase ".JSP" extension instead of the lowercase .jsp extension.

Recommendations: For Sun ONE Application Server version 7.0, consider configuring the server to handle JSP files in a case-insensitive manner or restrict access to JSP files to prevent source code disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.