← CVECheck
HomeVulnerabilities

CVE-2003-0042 — MEDIUM severity vulnerability (Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or ea)

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.

CVE IDCVE-2003-0042
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2003-02-07
Last modified2026-04-16
DescriptionJakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →