Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.
References
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 01:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2010-01-28 20:30
Updated : 2023-12-10 11:03
NVD link : CVE-2009-2902
Mitre link : CVE-2009-2902
CVE.ORG link : CVE-2009-2902
JSON object : View
Products Affected
apache
- tomcat
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')