| Revision Date: | 2016-05-27 | Version: | 15 | | Title: | HP-UX using Apache Tomcat, Remote Access Restriction Bypass, Arbitrary Code Execution, Execution of Arbitrary Code With Privilege Elevation, Unauthorized Read Access to Files | | Description: | The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.67, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character. | | Family: | unix | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2015-5345
| | Platform(s): | HP-UX 11
| Product(s): | | | Definition Synopsis | | HP-UX B.11.31 AND hpuxws22Tomcat.hpuxws22TOMCAT.TOMCAT version is less than C.6.0.45.01
|
|