Onapsis Security Advisory – The Message-Driven Bean Example application in the SAP J2EE Engine suffers from a path traversal vulnerability, which may enable remote attackers to access sensitive files in the server filesystem.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/86203/OSA-2010-002.txt
Source: https://packetstormsecurity.com/files/86203/SAP-J2EE-Engine-MDB-Path-Traversal.html