Description

The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.

Remediation

References

CVE-2002-1148

Related Vulnerabilities

WordPress Plugin Easy Pixels eCommerce extension Unspecified Vulnerability (1.4)

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Unspecified Vulnerability (2.9.24)

LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4994)

Oracle Database Server CVE-2008-0345 Vulnerability (CVE-2008-0345)

Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2015-1399)

Severity

Medium

Classification

CVE-2002-1148

Tags

Missing Update Known Vulnerabilities