Lucene search
Apache TomcatTOMCAT:4E8472224E2361226264CFAA472A44A7HistoryJun 25, 2002 - 12:00 a.m.
Fixed in Apache Tomcat 4.0.2
2002-06-2500:00:00
Apache Tomcat
tomcat.apache.org
11
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.013 Low
EPSS
Percentile
86.0%
Low: Information disclosure CVE-2002-2009, CVE-2001-0917
Requests for JSP files where the file name is preceded by ‘+/’, ‘>/’, ‘</’ or ‘%20/’ or a request for a JSP with a long file name would result in in an error page that included the full file system path to the JSP file.
Affects: 4.0.0-4.0.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache tomcat | ge | 4.0.0 | |
| apache tomcat | le | 4.0.1 |
Related
nessus
nessus
Apache Tomcat Long URL Information Disclosure
2010-10-01 00:00:00
cvelist
cvelist
CVE-2001-0917
2002-06-25 04:00:00
CVE-2002-2009
2005-07-14 04:00:00
nvd
nvd
CVE-2001-0917
2001-11-22 05:00:00
CVE-2002-2009
2002-12-31 05:00:00
cve
cve
CVE-2001-0917
2002-06-25 04:00:00
CVE-2002-2009
2005-07-14 04:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.013 Low
EPSS
Percentile
86.0%
Related for TOMCAT:4E8472224E2361226264CFAA472A44A7