7 matches found
JVN#63832775: Apache Tomcat information disclosure vulnerability
Apache Tomcat from the Apache Software Foundation is an implementation of the Java Servlet and JavaServer Page JSP technologies. Apache Tomcat contains a vulnerability which may allow information disclosure or access to the contents contained in the WEB-INF directory. Impact A remote attacker cou...
PT-2008-4375 · Apache +2 · Apache Tomcat +2
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 4.1.0 through 4.1.37 Apache Tomcat versions 5.5.0 through 5.5.26 Apache Tomcat versions 6.0.0 through 6.0.16 Description: The issue allows remote attackers to read arbitrary files via encoded directory traversal sequenc...
PT-2008-2825 · Apache +2 · Apache Tomcat +2
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 4.1.0 through 4.1.37 Apache Tomcat versions 5.5.0 through 5.5.26 Apache Tomcat versions 6.0.0 through 6.0.16 Description: The issue allows remote attackers to inject arbitrary web script or HTML via a crafted string tha...
Design/Logic Flaw
The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application Server 7.0 through 9.0.0 and Interstage Apworks/Studio 7.0 through 9.0.0 allows remote attackers to obtain sensitive information web root path via unspecified vectors that trigger an error message, probably related to enabling...
CVE-2007-5366
The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application Server 7.0 through 9.0.0 and Interstage Apworks/Studio 7.0 through 9.0.0 allows remote attackers to obtain sensitive information web root path via unspecified vectors that trigger an error message, probably related to enabling...
CVE-2007-5366
The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application Server 7.0 through 9.0.0 and Interstage Apworks/Studio 7.0 through 9.0.0 allows remote attackers to obtain sensitive information web root path via unspecified vectors that trigger an error message, probably related to enabling...
CVE-2006-7196
Cross-site scripting XSS vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly...