ACE vulnerability in Apache Tomcat

Descripción

Multiple vulnerabilities was found in Apache Tomcat. Malicious users can exploit this vulnerability to execute arbitrary code and perform cross-site scripting attack.

Below is a complete list of vulnerabilities:

1. A vulnerability in CGI Servlet component can be exploited via due to a bug in the way the JRE passes command line arguments to execute arbitrary code;
2. A vulnerability in SSI printenv command can be exploited to perform cross-site scripting attack.

 

Notas informativas originales

• Apache Tomcat 8.x Security Vulnerabilities

• Apache Tomcat 7.x Security Vulnerabilities
• Apache Tomcat 9.x Security Vulnerabilities

Explotación

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Productos relacionados

• Apache-Tomcat

Lista CVE

• CVE-2019-0232
  critical
• CVE-2019-0221
  high

Leer más

Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com