Back to CVE Browser

CVE-2002-0893

MEDIUM

5.0

CVSS Severity Score

EPSS Score0.1970%

EPSS Percentile5.14th

PublishedOct 4, 2002

Last ModifiedApr 16, 2026

Vulnerability Description

Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to read arbitrary files via a URL-encoded request to com.newatlanta.servletexec.JSP10Servlet containing "..%5c" (modified dot-dot) sequences.

Affected Platforms (CPE)

📦

New Atlanta Communications

Servletexec Isapi

= 4.1

References & Advisories

🔗 http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0077.html

🔗 http://online.securityfocus.com/archive/1/273615

🔗 http://www.iss.net/security_center/static/9140.php

🔗 http://www.securityfocus.com/bid/4795

🔗 http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0077.html

🔗 http://online.securityfocus.com/archive/1/273615

🔗 http://www.iss.net/security_center/static/9140.php

🔗 http://www.securityfocus.com/bid/4795

Related Vulnerabilities

CVE-2002-08925.0

The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a ...

CVE-2002-08945.0

NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp fi...

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...