Description

Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.

Remediation

References

CVE-2002-1394

Related Vulnerabilities

WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.9)

Drupal Core 9.0.x Information Disclosure (9.0.0 - 9.0.5)

MediaWiki CVE-2019-12474 Vulnerability (CVE-2019-12474)

WordPress Plugin 10Web Map Builder for Google Maps Security Bypass (1.0.63)

WordPress Plugin WP Custom Fields Search Cross-Site Scripting (0.3.28)

Severity

High

Classification

CVE-2002-1394

Tags

Missing Update Known Vulnerabilities