Oval Definition:oval:org.mitre.oval:def:21709
Revision Date:2014-05-26Version:20
Title:ELSA-2008:0042: tomcat security update (Moderate)
Description:Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2007-5342
CVE-2007-5461
ELSA-2008:0042-01
Platform(s):Oracle Linux 5
Product(s):tomcat5
Definition Synopsis
  • Oracle Linux 5.x
  • AND rpm test
  • tomcat5-servlet-2.4-api is earlier than 0:5.5.23-0jpp.3.0.3.el5_1
  • OR tomcat5-admin-webapps is earlier than 0:5.5.23-0jpp.3.0.3.el5_1
  • OR tomcat5-jsp-2.0-api is earlier than 0:5.5.23-0jpp.3.0.3.el5_1
  • OR tomcat5-servlet-2.4-api-javadoc is earlier than 0:5.5.23-0jpp.3.0.3.el5_1
  • OR tomcat5-server-lib is earlier than 0:5.5.23-0jpp.3.0.3.el5_1
  • OR tomcat5-jasper is earlier than 0:5.5.23-0jpp.3.0.3.el5_1
  • OR tomcat5-jsp-2.0-api-javadoc is earlier than 0:5.5.23-0jpp.3.0.3.el5_1
  • OR tomcat5-common-lib is earlier than 0:5.5.23-0jpp.3.0.3.el5_1
  • OR tomcat5-jasper-javadoc is earlier than 0:5.5.23-0jpp.3.0.3.el5_1
  • OR tomcat5-webapps is earlier than 0:5.5.23-0jpp.3.0.3.el5_1
  • OR tomcat5 is earlier than 0:5.5.23-0jpp.3.0.3.el5_1
    • BACK