← CVECheck
HomeVulnerabilities

CVE-2002-0892 — MEDIUM severity vulnerability (The default configuration of NewAtlanta ServletExec ISAPI 4.)

The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message.

CVE IDCVE-2002-0892
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2002-10-04
Last modified2026-04-16
DescriptionThe default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →