Description

The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.

Remediation

References

CVE-2002-1148

Related Vulnerabilities

XWiki CVE-2023-26473 Vulnerability (CVE-2023-26473)

WordPress Plugin Woo Custom Checkout Field Multiple Vulnerabilities (1.3.2)

PostgreSQL Improper Certificate Validation Vulnerability (CVE-2012-0867)

phpMyAdmin CVE-2019-19617 Vulnerability (CVE-2019-19617)

WordPress Plugin Powerplay Gallery Multiple Vulnerabilities (3.3)

Severity

Medium

Classification

CVE-2002-1148

Tags

Missing Update Known Vulnerabilities