Description

Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that contains an MS-DOS device name such as lpt9, which leaks the pathname in an error message, as demonstrated by lpt9.xtp using Nikto.

Remediation

References

CVE-2005-4703

Related Vulnerabilities

MySQL CVE-2016-5437 Vulnerability (CVE-2016-5437)

WordPress 3.1 Multiple Vulnerabilities (0.7 - 3.1)

WordPress Plugin MP3-jPlayer Cross-Site Scripting (1.8.3)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4342)

WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Cross-Site Scripting (1.6.0)

Severity

Medium

Classification

CVE-2005-4703

Tags

Missing Update Known Vulnerabilities