New Search

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6 4.1.0 5.0.0 5.5.0 through 5.5.25 and 6.0.0 through 6.0.14 under certain configurations allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

oval:org.mitre.oval:def:9202

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6 4.1.0 5.0.0 5.5.0 through 5.5.25 and 6.0.0 through 6.0.14 under certain configurations allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 5
  • CentOS Linux 5
  • Oracle Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2007-5461
Product(s):