107
VMScore

CVE-2010-3718

Published: 10/02/2011 Updated: 25/03/2019
CVSS v2 Base Score: 1.2 | Impact Score: 2.9 | Exploitability Score: 1.9
VMScore: 107
Vector: AV:L/AC:H/Au:N/C:N/I:P/A:N

Vulnerability Summary

Apache Tomcat 7.0.0 up to and including 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attack.

Vulnerable Product Search on Vulmon Subscribe to Product

apache tomcat 7.0.0

apache tomcat 7.0.1

apache tomcat 7.0.2

apache tomcat 7.0.3

apache tomcat 6.0

apache tomcat 6.0.0

apache tomcat 6.0.1

apache tomcat 6.0.2

apache tomcat 6.0.3

apache tomcat 6.0.4

apache tomcat 6.0.5

apache tomcat 6.0.6

apache tomcat 6.0.7

apache tomcat 6.0.8

apache tomcat 6.0.9

apache tomcat 6.0.10

apache tomcat 6.0.11

apache tomcat 6.0.12

apache tomcat 6.0.13

apache tomcat 6.0.14

apache tomcat 6.0.15

apache tomcat 6.0.16

apache tomcat 6.0.17

apache tomcat 6.0.18

apache tomcat 6.0.19

apache tomcat 6.0.20

apache tomcat 6.0.24

apache tomcat 6.0.26

apache tomcat 6.0.27

apache tomcat 6.0.28

apache tomcat 6.0.29

apache tomcat 5.5.0

apache tomcat 5.5.1

apache tomcat 5.5.2

apache tomcat 5.5.3

apache tomcat 5.5.4

apache tomcat 5.5.5

apache tomcat 5.5.6

apache tomcat 5.5.7

apache tomcat 5.5.8

apache tomcat 5.5.9

apache tomcat 5.5.10

apache tomcat 5.5.11

apache tomcat 5.5.12

apache tomcat 5.5.13

apache tomcat 5.5.14

apache tomcat 5.5.15

apache tomcat 5.5.16

apache tomcat 5.5.17

apache tomcat 5.5.18

apache tomcat 5.5.19

apache tomcat 5.5.20

apache tomcat 5.5.21

apache tomcat 5.5.22

apache tomcat 5.5.23

apache tomcat 5.5.24

apache tomcat 5.5.25

apache tomcat 5.5.26

apache tomcat 5.5.27

apache tomcat 5.5.28

apache tomcat 5.5.29

apache tomcat 5.5.30

apache tomcat 5.5.32

Vendor Advisories

Synopsis Moderate: tomcat5 security update Type/Severity Security Advisory: Moderate Topic Updated tomcat5 packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vulnerabili ...
An attacker could send crafted input to Tomcat and cause it to crash or read and write arbitrary files ...
Debian Bug report logs - #612257 Three Tomcat vulnerabilities Package: tomcat6; Maintainer for tomcat6 is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Moritz Muehlenhoff <muehlenhoff@univentionde> Date: Mon, 7 Feb 2011 08:45:14 UTC Severity: grave Tags: security Fixed in ver ...
Several vulnerabilities were discovered in the Tomcat Servlet and JSP engine: CVE-2010-3718 It was discovered that the SecurityManager insufficiently restricted the working directory CVE-2011-0013 It was discovered that the HTML manager interface is affected by cross-site scripting CVE-2011-0534 It was discovered that N ...
IntelligenceCenter uses a version of Tomcat that has several publicly documented vulnerabilities The most severe vulnerability allows an attacker to mount a denial of service attack or to obtain sensitive information by using a specially crafted header ...

References

NVD-CWE-Otherhttp://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.htmlhttp://marc.info/?l=bugtraq&m=130168502603566&w=2http://marc.info/?l=bugtraq&m=132215163318824&w=2http://marc.info/?l=bugtraq&m=136485229118404&w=2http://marc.info/?l=bugtraq&m=139344343412337&w=2http://secunia.com/advisories/43192http://secunia.com/advisories/45022http://secunia.com/advisories/57126http://securityreason.com/securityalert/8072http://support.apple.com/kb/HT5002http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.htmlhttp://tomcat.apache.org/security-5.htmlhttp://tomcat.apache.org/security-6.htmlhttp://tomcat.apache.org/security-7.htmlhttp://www.debian.org/security/2011/dsa-2160http://www.mandriva.com/security/advisories?name=MDVSA-2011:030http://www.redhat.com/support/errata/RHSA-2011-0791.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0896.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0897.htmlhttp://www.redhat.com/support/errata/RHSA-2011-1845.htmlhttp://www.securityfocus.com/archive/1/516211/100/0/threadedhttp://www.securityfocus.com/bid/46177http://www.securitytracker.com/id?1025025https://exchange.xforce.ibmcloud.com/vulnerabilities/65159https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3Ehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12517https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13969https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19379https://www.rapid7.com/db/vulnerabilities/apache-tomcat-cve-2010-3718https://access.redhat.com/errata/RHSA-2011:1845https://nvd.nist.govhttps://usn.ubuntu.com/1097-1/http://tools.cisco.com/security/center/viewAlert.x?alertId=22367