This host is running Apache Tomcat and is prone to information disclosure vulnerability.
Successful exploitation will allow remote attackers to read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference. Impact Level: Application
Upgrade to version 6.0.40, 7.0.54, 8.0.6 or later. For updates refer to refer http://tomcat.apache.org
The flaw is due to an application does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet
Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
- Apple Safari WebKit Information Disclosure Vulnerability (Mac OS X)
- Apple Safari Multiple Memory Corruption Vulnerabilities-01 Aug14 (Mac OS X)
- Adobe Reader Information Disclosure & Code Execution Vulnerabilities (Linux)
- Apple Safari Multiple Memory Corruption Vulnerabilities-03 Aug14 (Mac OS X)
- Apache Tomcat Multiple Vulnerabilities-01 (Nov14)