CVE-2002-1394

Published: Sep 1, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

GLSA-200210-001

vendor-advisory

x_refsource_GENTOO

http://marc.info/?l=tomcat-dev&m=103417249325526&w=2

x_refsource_CONFIRM

DSA-225

vendor-advisory

x_refsource_DEBIAN

RHSA-2003:075

vendor-advisory

x_refsource_REDHAT

6562

vdb-entry

x_refsource_BID

http://issues.apache.org/bugzilla/show_bug.cgi?id=13365

x_refsource_CONFIRM

RHSA-2003:082

vendor-advisory

x_refsource_REDHAT

tomcat-invoker-source-code(10376)

vdb-entry

x_refsource_XF

[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

mailing-list

x_refsource_MLIST

[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

mailing-list

x_refsource_MLIST

[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2002-1394

Description

Affected Products

References