The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-08T03:03:49.264Z
Reserved: 2002-08-16T00:00:00
Link: CVE-2002-0892

No data.

Status : Deferred
Published: 2002-10-04T04:00:00.000
Modified: 2025-04-03T01:03:51.193
Link: CVE-2002-0892

No data.