Description

The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information.

Remediation

References

CVE-2005-4836

Related Vulnerabilities

Artifactory Insufficient Verification of Data Authenticity Vulnerability (CVE-2018-19971)

Oracle HTTP Server CVE-2021-35666 Vulnerability (CVE-2021-35666)

WordPress Plugin Cookie Consent for WP-Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) Cross-Site Scripting (3.2.0)

IBM WebSEAL Other Vulnerability (CVE-2023-30997)

WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Request Forgery (4.0.9)

Severity

High

Classification

CVE-2005-4836 CWE-200

Tags

Missing Update Known Vulnerabilities