Summary
Apache Tomcat is prone to multiple remote vulnerabilities including information-disclosure and denial-of-service issues.
Remote attackers can exploit these issues to cause denial-of-service conditions or gain access to potentially sensitive information.
Information obtained may lead to further attacks.
The following versions are affected:
- Tomcat 5.5.0 to 5.5.29
- Tomcat 6.0.0 to 6.0.27
- Tomcat 7.0.0
Tomcat 3.x, 4.x, and 5.0.x may also be affected.
Solution
The vendor released updates. Please see the references for more information.
References
Severity
Classification
- CVE: CVE-2010-2227
- CVSS Base Score: 6.4
- CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Related Vulnerabilities
- Check for bdir.htr files
- IBM WebSphere Application Server (WAS) Cross-site Scripting Vulnerability
- httpdx Space Character Remote File Disclosure Vulnerability
- IBM WebSphere Application Server WS-Security XML Encryption Weakness Vulnerability
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 01 - March 2011