Description

Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.

Remediation

References

CVE-2002-1394

Related Vulnerabilities

Oracle JRE CVE-2013-5818 Vulnerability (CVE-2013-5818)

OpenSSL Out-of-bounds Write Vulnerability (CVE-2016-2182)

WordPress Plugin easyping-website subscriptions done right PHP Object Injection (0.0.1)

LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2571)

WordPress Plugin FG PrestaShop to WooCommerce Cross-Site Scripting (3.19.1)

Severity

High

Classification

CVE-2002-1394

Tags

Missing Update Known Vulnerabilities