Количество 11
Количество 11
ELSA-2008-0042
ELSA-2008-0042: Moderate: tomcat security update (MODERATE)
CVE-2007-5461
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
CVE-2007-5461
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
CVE-2007-5461
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
CVE-2007-5461
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4 ...
CVE-2007-5342
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.
CVE-2007-5342
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.
CVE-2007-5342
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.
CVE-2007-5342
The default catalina.policy in the JULI logging component in Apache To ...
GHSA-w65j-cmqc-37p2
JULI logging component in Apache Tomcat does not restrict certain permissions for web applications
GHSA-v5p2-vg3c-pmrr
Apache Tomcat Path Traversal Vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2008-0042 ELSA-2008-0042: Moderate: tomcat security update (MODERATE) | больше 17 лет назад | ||
 | CVE-2007-5461 Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag. | CVSS2: 3.5 | 7% Низкий | больше 17 лет назад |
 | CVE-2007-5461 Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag. | 7% Низкий | больше 17 лет назад | |
 | CVE-2007-5461 Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag. | CVSS2: 3.5 | 7% Низкий | больше 17 лет назад |
| CVE-2007-5461 Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4 ... | CVSS2: 3.5 | 7% Низкий | больше 17 лет назад |
| CVE-2007-5342 The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler. | CVSS2: 6.4 | 12% Средний | больше 17 лет назад |
| CVE-2007-5342 The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler. | 12% Средний | больше 17 лет назад | |
| CVE-2007-5342 The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler. | CVSS2: 6.4 | 12% Средний | больше 17 лет назад |
| CVE-2007-5342 The default catalina.policy in the JULI logging component in Apache To ... | CVSS2: 6.4 | 12% Средний | больше 17 лет назад |
| GHSA-w65j-cmqc-37p2 JULI logging component in Apache Tomcat does not restrict certain permissions for web applications | 12% Средний | около 3 лет назад | |
| GHSA-v5p2-vg3c-pmrr Apache Tomcat Path Traversal Vulnerability | 7% Низкий | около 3 лет назад |
Уязвимостей на страницу