Published: 07/02/2003 Updated: 11/07/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x up to and including 3.3.1a allow remote malicious users to insert arbitrary web script or HTML.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache tomcat 3.3
apache tomcat 3.3.1
apache tomcat 3.2.3
apache tomcat 3.2.4
apache tomcat 3.0
apache tomcat 3.1
apache tomcat 3.1.1
apache tomcat 3.3.1a
apache tomcat 3.2
apache tomcat 3.2.1

The developers of tomcat discovered several problems in tomcat version 3x The Common Vulnerabilities and Exposures project identifies the following problems: CAN-2003-0042: A maliciously crafted request could return a directory listing even when an indexhtml, indexjsp, or other welcome file is present File contents can be returned as we ...

NVD-CWE-Other http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt http://www.debian.org/security/2003/dsa-246 http://www.securityfocus.com/advisories/5111 http://www.ciac.org/ciac/bulletins/n-060.shtml http://www.securityfocus.com/bid/6720 http://www.osvdb.org/9203 http://www.osvdb.org/9204 http://secunia.com/advisories/7972 https://exchange.xforce.ibmcloud.com/vulnerabilities/11196 https://nvd.nist.gov https://www.debian.org/security/./dsa-246

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0044

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect