Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2015-5174
Description:Directory traversal vulnerability in in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call, as demonstrated by the $CATALINA_BASE/webapps directory.
Test IDs:  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-5174
BugTraq ID: 83329
Bugtraq: 20160222 [SECURITY] CVE-2015-5174 Apache Tomcat Limited Directory Traversal (Google Search)
Debian Security Information: DSA-3530 (Google Search)
Debian Security Information: DSA-3552 (Google Search)
Debian Security Information: DSA-3609 (Google Search)
HPdes Security Advisory: HPSBUX03561
RedHat Security Advisories: RHSA-2016:1432
RedHat Security Advisories: RHSA-2016:1433
RedHat Security Advisories: RHSA-2016:1434
RedHat Security Advisories: RHSA-2016:1435
RedHat Security Advisories: RHSA-2016:2045
RedHat Security Advisories: RHSA-2016:2599
SuSE Security Announcement: SUSE-SU-2016:0769 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0822 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0839 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0865 (Google Search)

© 1998-2022 E-Soft Inc. All rights reserved.