Описание
Multiple vulnerabilities was found in Apache Tomcat. Malicious users can exploit this vulnerability to execute arbitrary code and perform cross-site scripting attack.
Below is a complete list of vulnerabilities:
- A vulnerability in CGI Servlet component can be exploited via due to a bug in the way the JRE passes command line arguments to execute arbitrary code;
- A vulnerability in SSI printenv command can be exploited to perform cross-site scripting attack.
Первичный источник обнаружения
- Apache Tomcat 8.x Security Vulnerabilities
Apache Tomcat 7.x Security Vulnerabilities
Apache Tomcat 9.x Security Vulnerabilities
Эксплуатация
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
Список CVE
- CVE-2019-0232 critical
- CVE-2019-0221 high
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!