Lucene search
Apache TomcatTOMCAT:F9D1631BF59EC0DE3EE07D066675DCBCHistoryJan 27, 2003 - 12:00 a.m.
Fixed in Apache Tomcat 3.3.1a
2003-01-2700:00:00
Apache Tomcat
tomcat.apache.org
12
0.116 Low
EPSS
Percentile
95.3%
Important: Information disclosure CVE-2003-0043
When used with JDK 1.3.1 or earlier, web.xml files were read with trusted privileges enabling files outside of the web application to be read even when running under a security manager.
Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a-3.3.1
Important: Information disclosure CVE-2003-0042
URLs containing null characters could result in file contents being returned or a directory listing being returned even when a welcome file was defined.
Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3a-3.3.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache tomcat | eq | 3.0 | |
| apache tomcat | ge | 3.1 | |
| apache tomcat | le | 3.1.1 | |
| apache tomcat | ge | 3.2 | |
| apache tomcat | le | 3.2.4 | |
| apache tomcat | eq | 3.3a-3.3.1 |
Related
openvas
openvas
Apache Tomcat < 3.3.1a Directory Listing and File Disclosure Vulnerability - Active Check
2005-11-03 00:00:00
Debian Security Advisory DSA 246-1 (tomcat)
2008-01-17 00:00:00
Debian Security Advisory DSA 246-1 (tomcat)
2008-01-17 00:00:00
nessus
nessus
Apache Tomcat Directory Listing and File Disclosure
2003-03-22 00:00:00
Debian DSA-246-1 : tomcat - information exposure, XSS
2004-09-29 00:00:00
osv
osv
tomcat - information exposure, cross site scripting
2003-01-29 00:00:00
Jakarta Tomcat Directory Listing vulnerability
2022-04-29 01:25:43
cve
cve
CVE-2003-0043
2003-02-07 05:00:00
CVE-2003-0042
2003-02-07 05:00:00
cvelist
cvelist
CVE-2003-0043
2004-09-01 04:00:00
CVE-2003-0042
2003-01-29 05:00:00
github
github
Jakarta Tomcat Directory Listing vulnerability
2022-04-29 01:25:43