2 matches found
Oracle Solaris Third-Party Patch Update : tomcat (cve_2013_0346_permissions_privileges)
The remote Solaris system is missing necessary patches to address security updates : - DISPUTED Apache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might allow local users to obtain sensitive information by reading a file. NOTE: One Tomcat distributor has...
CVE-2013-0346
The set of documents confirms CVE-2013-0346 affects Apache Tomcat 7.x, where the log directory and its files have world-readable permissions, potentially allowing local users to read sensitive information. The Solaris/Nessus plugin reiterates this claim and notes it as a reported vulnerability, w...