Description

Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that contains an MS-DOS device name such as lpt9, which leaks the pathname in an error message, as demonstrated by lpt9.xtp using Nikto.

Remediation

References

CVE-2005-4703

Related Vulnerabilities

Joomla Improper Privilege Management Vulnerability (CVE-2018-17855)

WordPress Improper Privilege Management Vulnerability (CVE-2020-28036)

MySQL CVE-2021-2065 Vulnerability (CVE-2021-2065)

WordPress Plugin Solve Media CAPTCHA Cross-Site Request Forgery (1.1.0)

WordPress Plugin Connections Business Directory Unspecified Vulnerability (10.4.7)

Severity

Medium

Classification

CVE-2005-4703

Tags

Missing Update Known Vulnerabilities