Lucene search
K

25 matches found

OpenVAS
OpenVAS
added 2016/03/31 12:0 a.m.48 views

Amazon Linux: Security Advisory (ALAS-2016-680)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.4AI score0.1838EPSS
Exploits0References2
Amazon
Amazon
added 2016/03/29 12:0 a.m.55 views

Medium: tomcat8

Issue Overview: ResourceLinkFactory.setGlobalContext is a public method and was discovered to be accessible by web applications running under a security manager without any checks. This allowed a malicious web application to inject a malicious global context that could in turn be used to disrupt...

8.8CVSS8AI score0.13075EPSS
Exploits0
Amazon
Amazon
added 2016/03/29 12:0 a.m.70 views

Medium: tomcat7

Issue Overview: ResourceLinkFactory.setGlobalContext is a public method and was discovered to be accessible by web applications running under a security manager without any checks. This allowed a malicious web application to inject a malicious global context that could in turn be used to disrupt...

8.8CVSS7.9AI score0.1838EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/03/17 12:0 a.m.6 views

The vulnerability of the Apache Tomcat application server allows a attacker to cause a service failure.

The vulnerability of the setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java of the Apache Tomcat application server is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to circumvent access...

6.5CVSS7.1AI score0.11297EPSS
Exploits0References9Affected Software1
CNVD
CNVD
added 2016/02/26 12:0 a.m.4 views

Apache Tomcat Security Manager Security Restriction Bypass Vulnerability

Apache Tomcat is a popular open source JSP application server program. Apache Tomcat Security Manager in the ResourceLinkFactory.setGlobalContext public method implementation of a security restriction bypass vulnerability, an attacker through a malicious web application to inject the global...

6.5CVSS7.9AI score0.11297EPSS
Exploits0References1
Rows per page
Query Builder