Description

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.

Remediation

References

CVE-2003-0042

Related Vulnerabilities

Riot.js Resource Management Errors Vulnerability (CVE-2016-10527)

WordPress Plugin Subscribe to Comments Multiple Cross-Site Scripting Vulnerabilities (2.0.4)

WordPress Plugin NotificationX-WooCommerce Sales Notification Popup, Custom & Live Sales Notification, FOMO, Social Proof, Announcement Banner & Sticky Notification Bar SQL Injection (2.3.11)

Oracle Application Server Other Vulnerability (CVE-2004-2134)

Nginx Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0088)

Severity

Medium

Classification

CVE-2003-0042

Tags

Missing Update Known Vulnerabilities