exploitDog

CVE-2011-3376

Опубликовано: 11 нояб. 2011

Источник: ubuntu

Приоритет: low

CVSS2: 4.4

Описание

org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality.

Релиз	Статус	Примечание
devel	not-affected	7.0.22-1
hardy	DNE
lucid	DNE
maverick	DNE
natty	DNE
oneiric	released	7.0.21-1ubuntu0.1
precise	not-affected	7.0.22-1
quantal	not-affected	7.0.22-1
upstream	released	7.0.22-1

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2011-3376

4.4 Medium

CVSS2

Связанные уязвимости

CVE-2011-3376

redhat

больше 13 лет назад

org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality.

CVE-2011-3376

nvd

больше 13 лет назад

org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality.

CVE-2011-3376

debian

больше 13 лет назад

org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat ...

GHSA-cw29-r48c-h5f9

github

около 3 лет назад

org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality.

4.4 Medium

CVSS2