5
CVSSv2

CVE-2003-0043

Published: 07/02/2003 Updated: 20/11/2024

Vulnerability Summary

Jakarta Tomcat prior to 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote malicious users to read portions of some files through the web.xml file.

Vulnerable Product Search on Vulmon Subscribe to Product

apache tomcat 3.0

apache tomcat 3.1

apache tomcat 3.1.1

apache tomcat 3.2

apache tomcat 3.2.1

apache tomcat 3.2.3

apache tomcat 3.2.4

apache tomcat 3.3

apache tomcat 3.3.1

Vendor Advisories

The developers of tomcat discovered several problems in tomcat version 3x The Common Vulnerabilities and Exposures project identifies the following problems: CAN-2003-0042: A maliciously crafted request could return a directory listing even when an indexhtml, indexjsp, or other welcome file is present File contents can be returned as we ...