KLA10070
RLF vulnerability in Apache Tomcat
Обновлено: 17/06/2019
Дата обнаружения
31/05/2014
Уровень угрозы
Warning
Описание

An improper class constriction vulnerability was found in Apache Tomcat. By exploiting this vulnerability malicious users can read arbitrary files. This vulnerability can be exploited from the network at a point related to the XML parser via a specially designed web application.

Пораженные продукты

Apache Tomcat versions 6.0.40 and earlier
Apache Tomcat 7 versions 7.0.53 and earlier
Apache Tomcat 8 versions 8.0.5 and earlier  

Решение

Update to latest version

Первичный источник обнаружения
Apache changelog
Оказываемое влияние
?
RLF 
[?]
Связанные продукты
Apache Tomcat
CVE-IDS
CVE-2014-01194.3Warning