Published: 07/02/2003 Updated: 10/10/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Jakarta Tomcat prior to 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote malicious users to read portions of some files through the web.xml file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache tomcat 3.0
apache tomcat 3.1
apache tomcat 3.3.1
apache tomcat 3.2.4
apache tomcat 3.3
apache tomcat 3.1.1
apache tomcat 3.2
apache tomcat 3.2.1
apache tomcat 3.2.3

The developers of tomcat discovered several problems in tomcat version 3x The Common Vulnerabilities and Exposures project identifies the following problems: CAN-2003-0042: A maliciously crafted request could return a directory listing even when an indexhtml, indexjsp, or other welcome file is present File contents can be returned as we ...

NVD-CWE-Other http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt http://www.debian.org/security/2003/dsa-246 http://www.securityfocus.com/advisories/5111 http://www.ciac.org/ciac/bulletins/n-060.shtml http://www.securityfocus.com/bid/6722 https://exchange.xforce.ibmcloud.com/vulnerabilities/11195 https://nvd.nist.gov https://www.debian.org/security/./dsa-246

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0043

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect