CVE-2014-0414

Name of the Vulnerable Software and Affected Versions Oracle Fusion Middleware version 10.1.3.5

Description The issue affects confidentiality and is related to HTTP Request Handling. It involves incorrect handling of a null byte in the path when forwarding a request to another static page or JSP script using functions like pageContext.forward or jsp:forward. This can disrupt the logic of script processing by global servlets, potentially allowing an attacker to form a request to process a JSP script as SHTML, thereby obtaining the script's source code. On Windows operating systems, in combination with a directory traversal vulnerability, this could lead to the execution of arbitrary commands when a file containing SHTML code is called as an SHTML script.

Recommendations For Oracle Fusion Middleware version 10.1.3.5, consider restricting access to vulnerable functions like pageContext.forward or jsp:forward until a patch is available. Additionally, avoid using the jsp:forward function to forward requests to static pages or JSP scripts that could be manipulated by an attacker. As a temporary workaround, consider disabling the execution of SHTML scripts to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.