Summary
This host is running Apache Tomcat and is
prone to remote code execution vulnerability.
Impact
Successful exploitation will allow remote
attackers to upload malicious script and execute the arbitrary code.
Impact Level: Application
Solution
Upgrade to version 7.0.40 or later. For
updates refer to refer http://tomcat.apache.org/
Insight
The error exists as the program does not
properly verify or sanitize user-uploaded files.
Affected
Apache Tomcat version 7.x before 7.0.40
Detection
Get the installed version with the help
of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2013-4444 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Tomcat Multiple Vulnerabilities-01 (Nov14)
- Asterisk Missing ACL Check Remote Security Bypass Vulnerability
- Adobe Reader Information Disclosure Vulnerability Jun05 (Windows)
- Apache CouchDB Web Administration Interface Cross Site Scripting Vulnerability
- Apple iTunes Tutorials Window Security Bypass Vulnerability (Windows)