Description

Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.

Remediation

References

CVE-2009-2902

Related Vulnerabilities

WordPress Plugin WP RSS Aggregator-News Feeds, Autoblogging, Youtube Video Feeds and More Cross-Site Scripting (4.19.3)

PHP Other Vulnerability (CVE-2002-2215)

WordPress Plugin Safe Editor Unspecified Vulnerability (1.1)

Oracle Application Server Other Vulnerability (CVE-2005-2093)

WordPress Plugin WooCommerce Product Feed for Google, Facebook, eBay and Many More Cross-Site Request Forgery (1.5.26)

Severity

Medium

Classification

CVE-2009-2902 CWE-22

Tags

Missing Update Known Vulnerabilities