JVN#63832775: Apache Tomcat information disclosure vulnerability

Apache Tomcat from the Apache Software Foundation is an implementation of the Java Servlet and JavaServer Page JSP technologies. Apache Tomcat contains a vulnerability which may allow information disclosure or access to the contents contained in the WEB-INF directory. Impact A remote attacker cou...

PT-2008-4375 · Apache +2 · Apache Tomcat +2

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 4.1.0 through 4.1.37 Apache Tomcat versions 5.5.0 through 5.5.26 Apache Tomcat versions 6.0.0 through 6.0.16 Description: The issue allows remote attackers to read arbitrary files via encoded directory traversal sequenc...

CVE-2006-7196

Cross-site scripting XSS vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly...