Description
Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Download Manager Directory Traversal (2.6.95)
WordPress Plugin Be POPIA Compliant Information Disclosure (1.1.5)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-4721)
Jboss EAP Improper Privilege Management Vulnerability (CVE-2019-14838)