Lucene search

K
ubuntucveUbuntu.comUB:CVE-2007-5461
HistoryOct 15, 2007 - 12:00 a.m.

CVE-2007-5461

2007-10-1500:00:00
ubuntu.com
ubuntu.com
24

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

EPSS

0.019

Percentile

88.9%

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6,
4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain
configurations, allows remote authenticated users to read arbitrary files
via a WebDAV write request that specifies an entity with a SYSTEM tag.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchtomcat5.5<Β 5.5.25-2UNKNOWN
ubuntu8.10noarchtomcat5.5<Β 5.5.25-2UNKNOWN
ubuntu9.04noarchtomcat5.5<Β 5.5.25-2UNKNOWN

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

EPSS

0.019

Percentile

88.9%