Логотип exploitDog
bind:"CVE-2007-5461" OR bind:"CVE-2007-5342"
Консоль
Логотип exploitDog

exploitDog

bind:"CVE-2007-5461" OR bind:"CVE-2007-5342"

Количество 11

Количество 11

oracle-oval логотип

ELSA-2008-0042

больше 17 лет назад

ELSA-2008-0042: Moderate: tomcat security update (MODERATE)

EPSS: Низкий
ubuntu логотип

CVE-2007-5461

почти 18 лет назад

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

CVSS2: 3.5
EPSS: Низкий
redhat логотип

CVE-2007-5461

почти 18 лет назад

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

EPSS: Низкий
nvd логотип

CVE-2007-5461

почти 18 лет назад

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

CVSS2: 3.5
EPSS: Низкий
debian логотип

CVE-2007-5461

почти 18 лет назад

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4 ...

CVSS2: 3.5
EPSS: Низкий
ubuntu логотип

CVE-2007-5342

больше 17 лет назад

The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.

CVSS2: 6.4
EPSS: Средний
redhat логотип

CVE-2007-5342

больше 17 лет назад

The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.

EPSS: Средний
nvd логотип

CVE-2007-5342

больше 17 лет назад

The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.

CVSS2: 6.4
EPSS: Средний
debian логотип

CVE-2007-5342

больше 17 лет назад

The default catalina.policy in the JULI logging component in Apache To ...

CVSS2: 6.4
EPSS: Средний
github логотип

GHSA-w65j-cmqc-37p2

больше 3 лет назад

JULI logging component in Apache Tomcat does not restrict certain permissions for web applications

EPSS: Средний
github логотип

GHSA-v5p2-vg3c-pmrr

больше 3 лет назад

Apache Tomcat Path Traversal Vulnerability

EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
oracle-oval логотип
ELSA-2008-0042

ELSA-2008-0042: Moderate: tomcat security update (MODERATE)

больше 17 лет назад
ubuntu логотип
CVE-2007-5461

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

CVSS2: 3.5
7%
Низкий
почти 18 лет назад
redhat логотип
CVE-2007-5461

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

7%
Низкий
почти 18 лет назад
nvd логотип
CVE-2007-5461

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

CVSS2: 3.5
7%
Низкий
почти 18 лет назад
debian логотип
CVE-2007-5461

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4 ...

CVSS2: 3.5
7%
Низкий
почти 18 лет назад
ubuntu логотип
CVE-2007-5342

The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.

CVSS2: 6.4
12%
Средний
больше 17 лет назад
redhat логотип
CVE-2007-5342

The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.

12%
Средний
больше 17 лет назад
nvd логотип
CVE-2007-5342

The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.

CVSS2: 6.4
12%
Средний
больше 17 лет назад
debian логотип
CVE-2007-5342

The default catalina.policy in the JULI logging component in Apache To ...

CVSS2: 6.4
12%
Средний
больше 17 лет назад
github логотип
GHSA-w65j-cmqc-37p2

JULI logging component in Apache Tomcat does not restrict certain permissions for web applications

12%
Средний
больше 3 лет назад
github логотип
GHSA-v5p2-vg3c-pmrr

Apache Tomcat Path Traversal Vulnerability

7%
Низкий
больше 3 лет назад

Уязвимостей на страницу