CVE-2000-0812

Sun Java Web Server - RCE

Title source: llm

Description

The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag.

References (4)

[Patch, Vendor Advisory] http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/197&type=0&nav=sec.sba

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/templates/advisory.html?id=2542

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/1600

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/5135

Scores

EPSS 0.0255

EPSS Percentile 85.3%

Classification

Status draft

Affected Products (4)

sun/java_system_web_server

Timeline

Published Nov 14, 2000

Tracked Since Feb 18, 2026