CVE-2002-1148

Publication date

2004-09-01 04:00:00

Family

mitre

State

PUBLISHED

Description

The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.