7.8
HIGH

CVE-2005-4836

Published: 31/12/2005 Updated: 09/02/2012
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

Vulnerability Summary

The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information.

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Access Complexity: LOW
Authentication: NONE
Access Vector: NETWORK
Confidentiality Impact: COMPLETE
Integrity Impact: NONE
Availability Impact: NONE

Affected Products

Vendor: Apache
Product: Tomcat
Versions: 4.1.15, 4.1.16, 4.1.17, 4.1.18, 4.1.19, 4.1.20, 4.1.21, 4.1.22, 4.1.23, 4.1.24, 4.1.25, 4.1.26, 4.1.27, 4.1.28, 4.1.29, 4.1.30, 4.1.31, 4.1.32, 4.1.33, 4.1.34, 4.1.35, 4.1.36, 4.1.37, 4.1.39, 4.1.40
