15 lines
No EOL
527 B
Text
15 lines
No EOL
527 B
Text
source: http://www.securityfocus.com/bid/30494/info
|
|
|
|
Apache Tomcat is prone to a remote information-disclosure vulnerability.
|
|
|
|
Remote attackers can exploit this issue to obtain the contents of sensitive files stored on the server. Information obtained may lead to further attacks.
|
|
|
|
The following versions are affected:
|
|
|
|
Tomcat 4.1.0 through 4.1.37
|
|
Tomcat 5.5.0 through 5.5.26
|
|
Tomcat 6.0.0 through 6.0.16
|
|
|
|
Tomcat 3.x, 4.0.x, and 5.0.x may also be affected.
|
|
|
|
http://www.example.com/page.jsp?blah=/../WEB-INF/web.xml |