Apache Tomcat 4.0.5 and previous versions, when using both the invoker servlet and the default servlet, allows remote malicious users to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache tomcat 4.0.0 |
||
apache tomcat 4.0.1 |
||
apache tomcat 4.0.2 |
||
apache tomcat 4.0.3 |
||
apache tomcat 4.0.4 |
||
apache tomcat 4.0.5 |
||
apache tomcat 4.1.0 |
||
apache tomcat 4.1.3 |
||
apache tomcat 4.1.9 |
||
apache tomcat 4.1.10 |