CVE-2002-1089 Information

Description

rwcgi60 CGI program in Oracle Reports Server by design provides sensitive information such as the full pathname which could enable remote attackers to use the information in additional attacks.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-07/0203.html http://www.iss.net/security_center/static/9628.php http://www.securityfocus.com/bid/5262