5

CVE-2002-2007

Exploit

EPSS 22.61%
Published 31.12.2002 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages.

Affected products Warnungen 0 Metrics 2 CWE 0 References 13

Data is provided by the National Vulnerability Database (NVD)

Apache ≫ Tomcat Version3.2.3

Apache ≫ Tomcat Version3.2.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	22.61%	0.953

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://cert.uni-stuttgart.de/archive/bugtraq/2002/05/msg00272.html

Exploit

http://cert.uni-stuttgart.de/archive/bugtraq/2002/05/msg00275.html

Exploit

http://www.iss.net/security_center/static/9208.php

http://www.kb.cert.org/vuls/id/116963

US Government Resource

http://www.procheckup.com/security_info/vuln_pr0205.html

http://www.procheckup.com/security_info/vuln_pr0206.html

http://www.procheckup.com/security_info/vuln_pr0207.html

http://www.securityfocus.com/bid/4876

Exploit

http://www.securityfocus.com/bid/4877

Exploit

http://www.securityfocus.com/bid/4878

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2002-2007

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-2007

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-2007

EUVD