Description

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.

Remediation

References

CVE-2003-0042

Related Vulnerabilities

WordPress Plugin Responsive WordPress Slider Cross-Site Scripting (2.2.0)

Internet Information Services Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2002-0422)

Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12625)

Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.8)

WordPress Plugin CallRail Phone Call Tracking Cross-Site Request Forgery (0.4.9)

Severity

Medium

Classification

CVE-2003-0042

Tags

Missing Update Known Vulnerabilities