Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-01-29T05:00:00

Updated: 2024-08-08T01:43:35.163Z

Reserved: 2003-01-27T00:00:00

Link: CVE-2003-0042

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2003-02-07T05:00:00.000

Modified: 2017-07-11T01:29:27.180

Link: CVE-2003-0042

cve-icon Redhat

No data.