Absolute path traversal vulnerability in Apache Tomcat 4.0.0 up to and including 4.0.6, 4.1.0, 5.0.0, 5.5.0 up to and including 5.5.25, and 6.0.0 up to and including 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache tomcat 4.0.0 |
||
apache tomcat 4.0.1 |
||
apache tomcat 4.0.2 |
||
apache tomcat 4.0.3 |
||
apache tomcat 4.0.4 |
||
apache tomcat 4.0.5 |
||
apache tomcat 4.0.6 |
||
apache tomcat 4.1.0 |
||
apache tomcat 4.1.1 |
||
apache tomcat 4.1.2 |
||
apache tomcat 4.1.3 |
||
apache tomcat 4.1.4 |
||
apache tomcat 4.1.5 |
||
apache tomcat 4.1.6 |
||
apache tomcat 4.1.7 |
||
apache tomcat 4.1.8 |
||
apache tomcat 4.1.9 |
||
apache tomcat 4.1.10 |
||
apache tomcat 4.1.11 |
||
apache tomcat 4.1.12 |
||
apache tomcat 4.1.13 |
||
apache tomcat 4.1.14 |
||
apache tomcat 4.1.15 |
||
apache tomcat 4.1.16 |
||
apache tomcat 4.1.17 |
||
apache tomcat 4.1.18 |
||
apache tomcat 4.1.19 |
||
apache tomcat 4.1.20 |
||
apache tomcat 4.1.21 |
||
apache tomcat 4.1.22 |
||
apache tomcat 4.1.23 |
||
apache tomcat 4.1.24 |
||
apache tomcat 4.1.25 |
||
apache tomcat 4.1.26 |
||
apache tomcat 4.1.27 |
||
apache tomcat 4.1.28 |
||
apache tomcat 4.1.29 |
||
apache tomcat 4.1.30 |
||
apache tomcat 4.1.31 |
||
apache tomcat 4.1.32 |
||
apache tomcat 4.1.33 |
||
apache tomcat 4.1.34 |
||
apache tomcat 4.1.35 |
||
apache tomcat 4.1.36 |