Description
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
Remediation
References
Related Vulnerabilities
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-3673)
WordPress Plugin Slimstat Analytics Cross-Site Scripting (2.8.4)
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2007-6423)
Oracle Database Server CVE-2006-1873 Vulnerability (CVE-2006-1873)