Revision Date: | 2014-09-11 | Version: | 1 | Title: | CVE-2013-4444 on Ubuntu 16.04 LTS (xenial) - medium. | Description: | Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.
| Family: | unix | Class: | vulnerability | Status: | | Reference(s): | CVE-2013-4444
| Platform(s): | Ubuntu 16.04 LTS
| Product(s): | | Definition Synopsis | Ubuntu 16.04 LTS (xenial) is installed. AND Package Information
NOT libservlet3.0-java package in xenial, while related to the CVE in some way, is not affected.
OR NOT libtomcat7-java package in xenial, while related to the CVE in some way, is not affected.
OR NOT tomcat7 package in xenial, while related to the CVE in some way, is not affected.
OR NOT tomcat7-admin package in xenial, while related to the CVE in some way, is not affected.
OR NOT tomcat7-common package in xenial, while related to the CVE in some way, is not affected.
OR NOT tomcat7-examples package in xenial, while related to the CVE in some way, is not affected.
OR NOT tomcat7-user package in xenial, while related to the CVE in some way, is not affected.
|
|