5

CVE-2002-2007

Exploit

EPSS 22.61%
Veröffentlicht 31.12.2002 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apache ≫ Tomcat Version3.2.3

Apache ≫ Tomcat Version3.2.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	22.61%	0.953

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://cert.uni-stuttgart.de/archive/bugtraq/2002/05/msg00272.html

Exploit

http://cert.uni-stuttgart.de/archive/bugtraq/2002/05/msg00275.html

Exploit

http://www.iss.net/security_center/static/9208.php

http://www.kb.cert.org/vuls/id/116963

US Government Resource

http://www.procheckup.com/security_info/vuln_pr0205.html

http://www.procheckup.com/security_info/vuln_pr0206.html

http://www.procheckup.com/security_info/vuln_pr0207.html

http://www.securityfocus.com/bid/4876

Exploit

http://www.securityfocus.com/bid/4877

Exploit

http://www.securityfocus.com/bid/4878

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2002-2007

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-2007

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-2007

EUVD