CVE-2007-5461

NONECVSS 0.0

0.0

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

🔗 References (144)

secalert@redhathttp://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html
secalert@redhathttp://issues.apache.org/jira/browse/GERONIMO-3549
secalert@redhathttp://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
secalert@redhathttp://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
secalert@redhathttp://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705%40apache.org%3E
secalert@redhathttp://marc.info/?l=bugtraq&m=139344343412337&w=2
secalert@redhathttp://marc.info/?l=full-disclosure&m=119239530508382
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2008-0630.html
secalert@redhathttp://secunia.com/advisories/27398
secalert@redhathttp://secunia.com/advisories/27446
secalert@redhathttp://secunia.com/advisories/27481
secalert@redhathttp://secunia.com/advisories/27727
secalert@redhathttp://secunia.com/advisories/28317

Is Your Infrastructure Affected by CVE-2007-5461?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-5461

📅 Published

🔄 Last Modified

🔗 References (144)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-5461?