Nokia Electronic Documentation (NED) 5.0 allows remote attackers to obtain a directory listing of the WebLogic web root, and the physical path of the NED server, via a "retrieve" action with a location parameter of . (dot).Referenceshttp://www.atstake.com/research/advisories/2003/a091503-1.txt
