CVE-2003-0042

medium

Apache

CVSS v3 Base Score

5.0

AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS Score

55.8%

Exploitation probability in 30 days

Top 2% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

Integrity

None

Availability

None

Published: February 7, 2003 (8497 days ago)

Last Modified: April 16, 2026

Vendor: Apache

Source: NVD

Description

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.

CWE

NVD-CWE-Other

Affected Products

apache tomcat

References

🔗 jakarta.apache.org 🔗 jakarta.apache.org 🔗 marc.info 🔗 secunia.com 🔗 secunia.com

CVE-2003-0042

Vulnerability Report

Description

CWE

Affected Products

References