Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that contains an MS-DOS device name such as lpt9, which leaks the pathname in an error message, as demonstrated by lpt9.xtp using Nikto.
References
Configurations
History
07 Nov 2023, 01:58
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2005-12-31 05:00
Updated : 2024-02-28 10:42
NVD link : CVE-2005-4703
Mitre link : CVE-2005-4703
CVE.ORG link : CVE-2005-4703
JSON object : View
Products Affected
apache
- tomcat
CWE