KLA10070
RLF vulnerability in Apache Tomcat
Updated: 06/01/2019
Detect date
?
05/31/2014
Severity
?
Warning
Description

An improper class constriction vulnerability was found in Apache Tomcat. By exploiting this vulnerability malicious users can read arbitrary files. This vulnerability can be exploited from the network at a point related to the XML parser via a specially designed web application.

Affected products

Apache Tomcat versions 6.0.40 and earlier
Apache Tomcat 7 versions 7.0.53 and earlier
Apache Tomcat 8 versions 8.0.5 and earlier  

Solution

Update to latest version

Original advisories

Apache changelog

Impacts
?
RLF 
[?]
Related products
Apache Tomcat
CVE-IDS
?
CVE-2014-01194.3Warning