Skip to main content

Improper Handling of Case Sensitivity

CVE-2000-0498

Severity High
Score 7.5/10

Summary

Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • HIGH
  • NONE

CWE-178 - Improper Handling of Case Sensitivity

The software does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results.

References

Advisory Timeline

  • Published