CVE-2003-0017

Apache 2.0 <2.0.44 - Info Disclosure

Title source: llm
STIX 2.1

Description

Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served.

References (15)

Core 15
Core References

Scores

EPSS 0.0558
EPSS Percentile 92.0%

Details

Status published
Products (8)
apache/http_server 2.0.36
apache/http_server 2.0.37
apache/http_server 2.0.38
apache/http_server 2.0.39
apache/http_server 2.0.40
apache/http_server 2.0.41
apache/http_server 2.0.42
apache/http_server 2.0.43
Published Feb 07, 2003
Tracked Since Feb 18, 2026