25 matches found
Amazon Linux: Security Advisory (ALAS-2016-680)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: tomcat8
Issue Overview: ResourceLinkFactory.setGlobalContext is a public method and was discovered to be accessible by web applications running under a security manager without any checks. This allowed a malicious web application to inject a malicious global context that could in turn be used to disrupt...
Medium: tomcat7
Issue Overview: ResourceLinkFactory.setGlobalContext is a public method and was discovered to be accessible by web applications running under a security manager without any checks. This allowed a malicious web application to inject a malicious global context that could in turn be used to disrupt...
The vulnerability of the Apache Tomcat application server allows a attacker to cause a service failure.
The vulnerability of the setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java of the Apache Tomcat application server is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to circumvent access...
Apache Tomcat Security Manager Security Restriction Bypass Vulnerability
Apache Tomcat is a popular open source JSP application server program. Apache Tomcat Security Manager in the ResourceLinkFactory.setGlobalContext public method implementation of a security restriction bypass vulnerability, an attacker through a malicious web application to inject the global...