Java Virtual Machine (JVM) Extended Control List (ECL) File Existence Disclosure Vulnerability

Java Virtual Machine (JVM) Extended Control List (ECL) File Existence Disclosure Vulnerability

CVE-2000-1117 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method.

Learn more about our Web App Pen Testing.