ByteOS Network

▼CVE Numbering Authority (CNA)

Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113	vendor-advisory x_refsource_HP
http://marc.info/?l=bugtraq&m=127420533226623&w=2	vendor-advisory x_refsource_HP
http://svn.apache.org/viewvc?rev=892815&view=rev	x_refsource_CONFIRM
http://secunia.com/advisories/39317	third-party-advisory x_refsource_SECUNIA
http://www.debian.org/security/2011/dsa-2207	vendor-advisory x_refsource_DEBIAN
http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html	vendor-advisory x_refsource_SUSE
http://marc.info/?l=bugtraq&m=136485229118404&w=2	vendor-advisory x_refsource_HP
http://secunia.com/advisories/40330	third-party-advisory x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2010:177	vendor-advisory x_refsource_MANDRIVA
http://securitytracker.com/id?1023505	vdb-entry x_refsource_SECTRACK
http://secunia.com/advisories/43310	third-party-advisory x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/55855	vdb-entry x_refsource_XF
http://marc.info/?l=bugtraq&m=127420533226623&w=2	vendor-advisory x_refsource_HP
http://www.vupen.com/english/advisories/2010/1559	vdb-entry x_refsource_VUPEN
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html	vendor-advisory x_refsource_APPLE
http://marc.info/?l=bugtraq&m=133469267822771&w=2	vendor-advisory x_refsource_HP
http://www.securityfocus.com/bid/37944	vdb-entry x_refsource_BID
http://www.vupen.com/english/advisories/2010/1986	vdb-entry x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2010-0580.html	vendor-advisory x_refsource_REDHAT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017	vdb-entry signature x_refsource_OVAL
http://secunia.com/advisories/40813	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/38541	third-party-advisory x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2010:176	vendor-advisory x_refsource_MANDRIVA
http://tomcat.apache.org/security-6.html	x_refsource_CONFIRM
http://secunia.com/advisories/57126	third-party-advisory x_refsource_SECUNIA
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html	x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/509148/100/0/threaded	mailing-list x_refsource_BUGTRAQ
http://ubuntu.com/usn/usn-899-1	vendor-advisory x_refsource_UBUNTU
http://support.apple.com/kb/HT4077	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html	vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html	vendor-advisory x_refsource_SUSE
http://secunia.com/advisories/38687	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/38346	third-party-advisory x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=133469267822771&w=2	vendor-advisory x_refsource_HP
http://tomcat.apache.org/security-5.html	x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2011-0003.html	x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2010-0119.html	vendor-advisory x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2010-0582.html	vendor-advisory x_refsource_REDHAT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355	vdb-entry signature x_refsource_OVAL
http://marc.info/?l=bugtraq&m=136485229118404&w=2	vendor-advisory x_refsource_HP
http://secunia.com/advisories/38316	third-party-advisory x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/516397/100/0/threaded	mailing-list x_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2010/0213	vdb-entry x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=139344343412337&w=2	vendor-advisory x_refsource_HP
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113	vendor-advisory x_refsource_HP
http://svn.apache.org/viewvc?rev=902650&view=rev	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html	vendor-advisory x_refsource_SUSE
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://marc.info/?l=bugtraq&m=127420533226623&w=2

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://svn.apache.org/viewvc?rev=892815&view=rev

Resource:

x_refsource_CONFIRM

Hyperlink: http://secunia.com/advisories/39317

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.debian.org/security/2011/dsa-2207

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://marc.info/?l=bugtraq&m=136485229118404&w=2

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://secunia.com/advisories/40330

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2010:177

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: http://securitytracker.com/id?1023505

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: http://secunia.com/advisories/43310

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/55855

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://marc.info/?l=bugtraq&m=127420533226623&w=2

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://www.vupen.com/english/advisories/2010/1559

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html

Resource:

vendor-advisory

x_refsource_APPLE

Hyperlink: http://marc.info/?l=bugtraq&m=133469267822771&w=2

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://www.securityfocus.com/bid/37944

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://www.vupen.com/english/advisories/2010/1986

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0580.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: http://secunia.com/advisories/40813

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/38541

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2010:176

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: http://tomcat.apache.org/security-6.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://secunia.com/advisories/57126

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.securityfocus.com/archive/1/509148/100/0/threaded

Resource:

mailing-list

x_refsource_BUGTRAQ

Hyperlink: http://ubuntu.com/usn/usn-899-1

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://support.apple.com/kb/HT4077

Resource:

x_refsource_CONFIRM

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://secunia.com/advisories/38687

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/38346

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://marc.info/?l=bugtraq&m=133469267822771&w=2

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://tomcat.apache.org/security-5.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.vmware.com/security/advisories/VMSA-2011-0003.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0119.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0582.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: http://marc.info/?l=bugtraq&m=136485229118404&w=2

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://secunia.com/advisories/38316

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.securityfocus.com/archive/1/516397/100/0/threaded

Resource:

mailing-list

x_refsource_BUGTRAQ

Hyperlink: http://www.vupen.com/english/advisories/2010/0213

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://marc.info/?l=bugtraq&m=139344343412337&w=2

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://svn.apache.org/viewvc?rev=902650&view=rev

Resource:

x_refsource_CONFIRM

Hyperlink: http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113	vendor-advisory x_refsource_HP x_transferred
http://marc.info/?l=bugtraq&m=127420533226623&w=2	vendor-advisory x_refsource_HP x_transferred
http://svn.apache.org/viewvc?rev=892815&view=rev	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/39317	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.debian.org/security/2011/dsa-2207	vendor-advisory x_refsource_DEBIAN x_transferred
http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html	vendor-advisory x_refsource_SUSE x_transferred
http://marc.info/?l=bugtraq&m=136485229118404&w=2	vendor-advisory x_refsource_HP x_transferred
http://secunia.com/advisories/40330	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2010:177	vendor-advisory x_refsource_MANDRIVA x_transferred
http://securitytracker.com/id?1023505	vdb-entry x_refsource_SECTRACK x_transferred
http://secunia.com/advisories/43310	third-party-advisory x_refsource_SECUNIA x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/55855	vdb-entry x_refsource_XF x_transferred
http://marc.info/?l=bugtraq&m=127420533226623&w=2	vendor-advisory x_refsource_HP x_transferred
http://www.vupen.com/english/advisories/2010/1559	vdb-entry x_refsource_VUPEN x_transferred
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html	vendor-advisory x_refsource_APPLE x_transferred
http://marc.info/?l=bugtraq&m=133469267822771&w=2	vendor-advisory x_refsource_HP x_transferred
http://www.securityfocus.com/bid/37944	vdb-entry x_refsource_BID x_transferred
http://www.vupen.com/english/advisories/2010/1986	vdb-entry x_refsource_VUPEN x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0580.html	vendor-advisory x_refsource_REDHAT x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017	vdb-entry signature x_refsource_OVAL x_transferred
http://secunia.com/advisories/40813	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/38541	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2010:176	vendor-advisory x_refsource_MANDRIVA x_transferred
http://tomcat.apache.org/security-6.html	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/57126	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html	x_refsource_CONFIRM x_transferred
http://www.securityfocus.com/archive/1/509148/100/0/threaded	mailing-list x_refsource_BUGTRAQ x_transferred
http://ubuntu.com/usn/usn-899-1	vendor-advisory x_refsource_UBUNTU x_transferred
http://support.apple.com/kb/HT4077	x_refsource_CONFIRM x_transferred
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html	vendor-advisory x_refsource_SUSE x_transferred
http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html	vendor-advisory x_refsource_SUSE x_transferred
http://secunia.com/advisories/38687	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/38346	third-party-advisory x_refsource_SECUNIA x_transferred
http://marc.info/?l=bugtraq&m=133469267822771&w=2	vendor-advisory x_refsource_HP x_transferred
http://tomcat.apache.org/security-5.html	x_refsource_CONFIRM x_transferred
http://www.vmware.com/security/advisories/VMSA-2011-0003.html	x_refsource_CONFIRM x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0119.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0582.html	vendor-advisory x_refsource_REDHAT x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355	vdb-entry signature x_refsource_OVAL x_transferred
http://marc.info/?l=bugtraq&m=136485229118404&w=2	vendor-advisory x_refsource_HP x_transferred
http://secunia.com/advisories/38316	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.securityfocus.com/archive/1/516397/100/0/threaded	mailing-list x_refsource_BUGTRAQ x_transferred
http://www.vupen.com/english/advisories/2010/0213	vdb-entry x_refsource_VUPEN x_transferred
http://marc.info/?l=bugtraq&m=139344343412337&w=2	vendor-advisory x_refsource_HP x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113	vendor-advisory x_refsource_HP x_transferred
http://svn.apache.org/viewvc?rev=902650&view=rev	x_refsource_CONFIRM x_transferred
http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html	vendor-advisory x_refsource_SUSE x_transferred
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST x_transferred
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST x_transferred
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST x_transferred
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E	mailing-list x_refsource_MLIST x_transferred

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113

Resource:

vendor-advisory

x_refsource_HP

x_transferred

Hyperlink: http://marc.info/?l=bugtraq&m=127420533226623&w=2

Resource:

vendor-advisory

x_refsource_HP

x_transferred

Hyperlink: http://svn.apache.org/viewvc?rev=892815&view=rev

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://secunia.com/advisories/39317

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.debian.org/security/2011/dsa-2207

Resource:

vendor-advisory

x_refsource_DEBIAN

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://marc.info/?l=bugtraq&m=136485229118404&w=2

Resource:

vendor-advisory

x_refsource_HP

x_transferred

Hyperlink: http://secunia.com/advisories/40330

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2010:177

Resource:

vendor-advisory

x_refsource_MANDRIVA

x_transferred

Hyperlink: http://securitytracker.com/id?1023505

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: http://secunia.com/advisories/43310

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/55855

Resource:

vdb-entry

x_refsource_XF

x_transferred

Hyperlink: http://marc.info/?l=bugtraq&m=127420533226623&w=2

Resource:

vendor-advisory

x_refsource_HP

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/1559

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html

Resource:

vendor-advisory

x_refsource_APPLE

x_transferred

Hyperlink: http://marc.info/?l=bugtraq&m=133469267822771&w=2

Resource:

vendor-advisory

x_refsource_HP

x_transferred

Hyperlink: http://www.securityfocus.com/bid/37944

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/1986

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0580.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: http://secunia.com/advisories/40813

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/38541

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2010:176

Resource:

vendor-advisory

x_refsource_MANDRIVA

x_transferred

Hyperlink: http://tomcat.apache.org/security-6.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://secunia.com/advisories/57126

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.securityfocus.com/archive/1/509148/100/0/threaded

Resource:

mailing-list

x_refsource_BUGTRAQ

x_transferred

Hyperlink: http://ubuntu.com/usn/usn-899-1

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: http://support.apple.com/kb/HT4077

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://secunia.com/advisories/38687

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/38346

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://marc.info/?l=bugtraq&m=133469267822771&w=2

Resource:

vendor-advisory

x_refsource_HP

x_transferred

Hyperlink: http://tomcat.apache.org/security-5.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.vmware.com/security/advisories/VMSA-2011-0003.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0119.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0582.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: http://marc.info/?l=bugtraq&m=136485229118404&w=2

Resource:

vendor-advisory

x_refsource_HP

x_transferred

Hyperlink: http://secunia.com/advisories/38316

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.securityfocus.com/archive/1/516397/100/0/threaded

Resource:

mailing-list

x_refsource_BUGTRAQ

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/0213

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://marc.info/?l=bugtraq&m=139344343412337&w=2

Resource:

vendor-advisory

x_refsource_HP

x_transferred

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113

Resource:

vendor-advisory

x_refsource_HP

x_transferred

Hyperlink: http://svn.apache.org/viewvc?rev=902650&view=rev

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References