Description
Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message.
Remediation
References
Related Vulnerabilities
Oracle Database Server Improper Authentication Vulnerability (CVE-2012-3137)
Python Uncontrolled Resource Consumption Vulnerability (CVE-2021-3737)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5610)
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Security Bypass (2.9.2)
WordPress Plugin WP Support Plus Responsive Ticket System Multiple Vulnerabilities (4.1)