Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2014-7816

Published: 01/12/2014 Updated: 04/03/2015
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 542
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Redhat

Vulnerability Summary

Directory traversal vulnerability in JBoss Undertow 1.0.x prior to 1.0.17, 1.1.x prior to 1.1.0.CR5, and 1.2.x prior to 1.2.0.Beta3, when running on Windows, allows remote malicious users to read arbitrary files via a .. (dot dot) in a resource URI.

Vulnerable Product Search on Vulmon Subscribe to Product

redhat undertow

Vendor Advisories

Red Hat: CVE-2014-7816
It was discovered that Undertow is vulnerable to a directory traversal flaw A remote attacker could use this flaw to read arbitrary files that are accessible to the user running the Java process ...

Exploits

Exploit DB: Apache ActiveMQ 5.11.1 / 5.13.2 Directory Traversal / Command Execution
Apache ActiveMQ versions 5111 and 5132 suffer from command execution and directory traversal vulnerabilities ...

References

CWE-22http://seclists.org/oss-sec/2014/q4/830https://issues.jboss.org/browse/WFLY-4020https://issues.jboss.org/browse/UNDERTOW-338https://bugzilla.redhat.com/show_bug.cgi?id=1157478http://www.securityfocus.com/bid/71328https://nvd.nist.govhttps://packetstormsecurity.com/files/139999/Apache-ActiveMQ-5.11.1-5.13.2-Directory-Traversal-Command-Execution.htmlhttps://access.redhat.com/security/cve/cve-2014-7816
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925CVE-2023-41826LFICVE-2022-22364CVE-2024-2887command injectionremote code executionCVE-2024-34446CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook