5

CVE-2002-2007

Exploit

EPSS 22.61%
Veröffentlicht 31.12.2002 05:00:00
Zuletzt bearbeitet 16.04.2026 00:27:16
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 13

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apache ≫ Tomcat Version3.2.3

Apache ≫ Tomcat Version3.2.4

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	22.61%	0.953

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://cert.uni-stuttgart.de/archive/bugtraq/2002/05/msg00272.html

Exploit

http://cert.uni-stuttgart.de/archive/bugtraq/2002/05/msg00275.html

Exploit

http://www.iss.net/security_center/static/9208.php

http://www.kb.cert.org/vuls/id/116963

US Government Resource

http://www.procheckup.com/security_info/vuln_pr0205.html

http://www.procheckup.com/security_info/vuln_pr0206.html

http://www.procheckup.com/security_info/vuln_pr0207.html

http://www.securityfocus.com/bid/4876

Exploit

http://www.securityfocus.com/bid/4877

Exploit

http://www.securityfocus.com/bid/4878

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2002-2007

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-2007

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-2007

EUVD