Executive Summary

Informations
NameCVE-2013-4444First vendor Publication2014-09-11
VendorCveLast vendor Modification2017-01-06

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score6.8Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4444

CWE : Common Weakness Enumeration

%idName
100 %CWE-94Failure to Control Generation of Code ('Code Injection')

CPE : Common Platform Enumeration

TypeDescriptionCount
Application246

Nessus® Vulnerability Scanner

DateDescription
2016-01-19Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3447.nasl - Type : ACT_GATHER_INFO
2013-05-15Name : The remote Apache Tomcat server is affected by multiple vulnerabilities.
File : tomcat_7_0_40.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/69728
BUGTRAQ http://archives.neohapsis.com/archives/bugtraq/2014-09/0075.html
CONFIRM http://tomcat.apache.org/security-7.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
DEBIAN http://www.debian.org/security/2016/dsa-3447
HP http://marc.info/?l=bugtraq&m=144498216801440&w=2
MLIST http://openwall.com/lists/oss-security/2014/10/24/12
SECTRACK http://www.securitytracker.com/id/1030834

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
DateInformations
2017-04-25 12:02:12
  • Multiple Updates
2017-03-28 12:00:55
  • Multiple Updates
2017-01-07 09:25:13
  • Multiple Updates
2016-12-08 09:23:28
  • Multiple Updates
2016-12-07 09:24:11
  • Multiple Updates
2016-11-29 00:24:50
  • Multiple Updates
2016-10-26 09:22:41
  • Multiple Updates
2016-10-15 12:02:56
  • Multiple Updates
2016-10-05 01:01:10
  • Multiple Updates
2016-08-23 09:24:48
  • Multiple Updates
2016-04-26 23:33:21
  • Multiple Updates
2016-01-20 13:24:06
  • Multiple Updates
2014-11-14 13:27:16
  • Multiple Updates
2014-09-16 09:23:38
  • Multiple Updates
2014-09-12 21:26:16
  • Multiple Updates
2014-09-12 09:23:31
  • First insertion