Description

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

Remediation

References

CVE-2007-5461

Related Vulnerabilities

Liferay Portal Missing Authorization Vulnerability (CVE-2023-33948)

OpenSSL NULL Pointer Dereference Vulnerability (CVE-2006-4343)

WordPress Plugin Slider Hero with Animation, Video Background Unspecified Vulnerability (5.5.0)

WordPress Plugin Subscribe2 Unspecified Vulnerability (10.20.5)

WordPress Plugin WP DSGVO Tools (GDPR) PHP Object Injection (2.0.4)

Severity

Low

Classification

CVE-2007-5461 CWE-22

Tags

Missing Update Known Vulnerabilities