Definition


New Search

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6 4.1.0 5.0.0 5.5.0 through 5.5.25 and 6.0.0 through 6.0.14 under certain configurations allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

oval:org.mitre.oval:def:9202

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6 4.1.0 5.0.0 5.5.0 through 5.5.25 and 6.0.0 through 6.0.14 under certain configurations allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 5
  • Oracle Linux 5
  • Red Hat Enterprise Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2007-5461
Product(s):