CVE-2002-2007 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

source: https://www.securityfocus.com/bid/4878/info Apache Tomcat is a freely available, open source web server maintained by the Apache Foundation. Under some circumstances, Tomcat may yield sensitive information about the web server configuration. When the realPath.jsp page is accessed, it may leak information. Upon being accessed, the realPath.jsp page will display the web root directory of the Tomcat implementation. http://example.com/test/realPath.jsp

source: https://www.securityfocus.com/bid/4876/info Apache Tomcat is a freely available, open source web server maintained by the Apache Foundation. Under some circumstances, Tomcat may yield sensitive information about the web server configuration. When the source.jsp page is passed a malformed request, it may leak information. This information may include the web root directory, and possibly a directory listing. http://example.com:80/examples/jsp/source.jsp?? http://example.com:80/examples/jsp/source.jsp?/jsp/

source: https://www.securityfocus.com/bid/4877/info Apache Tomcat is a freely available, open source web server maintained by the Apache Foundation. When Apache Tomcat is installed with a default configuration, several example files are also installed. When some of these example files are requested without any input, they will return an error containing the absolute path to the server's web root. The attacker can submit a request in one of the following formats: http://webserver/test/jsp/pageInfo.jsp http://webserver/test/jsp/pageImport2.jsp http://webserver/test/jsp/buffer1.jsp http://webserver/test/jsp/buffer2.jsp http://webserver/test/jsp/buffer3.jsp http://webserver/test/jsp/buffer4.jsp http://webserver/test/jsp/comments.jsp http://webserver/test/jsp/extends1.jsp http://webserver/test/jsp/extends2.jsp http://webserver/test/jsp/pageAutoFlush.jsp http://webserver/test/jsp/pageDouble.jsp http://webserver/test/jsp/pageExtends.jsp http://webserver/test/jsp/pageImport2.jsp http://webserver/test/jsp/pageInfo.jsp http://webserver/test/jsp/pageInvalid.jsp http://webserver/test/jsp/pageIsErrorPage.jsp http://webserver/test/jsp/pageIsThreadSafe.jsp http://webserver/test/jsp/pageLanguage.jsp http://webserver/test/jsp/pageSession.jsp http://webserver/test/jsp/declaration/IntegerOverflow.jsp