CyberSec.Space Logo
Back to CVE Browser

CVE-2002-0892

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0690%
EPSS Percentile39.91th
PublishedOct 4, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message.

Affected Platforms (CPE)

πŸ“¦
New Atlanta Communications

Servletexec Isapi

= 4.1

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0077.html
πŸ”— http://online.securityfocus.com/archive/1/273615
πŸ”— http://www.iss.net/security_center/static/9139.php
πŸ”— http://www.newatlanta.com/do/findFaq?faq_id=151
πŸ”— http://www.securityfocus.com/bid/4793
πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0077.html
πŸ”— http://online.securityfocus.com/archive/1/273615
πŸ”— http://www.iss.net/security_center/static/9139.php

Related Vulnerabilities

CVE-2002-08935.0

Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to read arbitrary files via a URL-en...

CVE-2002-08945.0

NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp fi...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...