Description

Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.

Remediation

References

CVE-2009-2693

Related Vulnerabilities

MySQL CVE-2012-0075 Vulnerability (CVE-2012-0075)

Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-35133)

Oracle Database Server CVE-2009-1967 Vulnerability (CVE-2009-1967)

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-2220)

WordPress Plugin Daily Inspiration Generator Open Redirect (2.0)

Severity

Medium

Classification

CVE-2009-2693 CWE-22

Tags

Missing Update Known Vulnerabilities