Description

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.

Remediation

References

CVE-2003-0043

Related Vulnerabilities

Oracle Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2004-1364)

WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Cross-Site Scripting (5.8.1)

WordPress Plugin ActiveCampaign-Forms, Site Tracking, Live Chat Unspecified Vulnerability (5.7)

osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11537)

WordPress Plugin Estatik Real Estate Arbitrary File Upload (2.2.5)

Severity

Medium

Classification

CVE-2003-0043

Tags

Missing Update Known Vulnerabilities