Back to search

Apache Tomcat: Low: Unexpected file deletion in work directory (CVE-2009-2902)

Severity CVSS Published Added Modified
4 (AV:N/AC:M/Au:N/C:N/I:P/A:N) January 27, 2010 May 16, 2012 March 26, 2014

Description

Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

apache-tomcat-upgrade-5_5_29

Related Vulnerabilities