oval:org.mitre.oval:def:12517

Definition Id: oval:org.mitre.oval:def:12517
 
Oval ID: oval:org.mitre.oval:def:12517
Title: HP-UX Apache Web Server, Remote Information Disclosure, Cross-Site Scripting (XSS), Denial of Service (DoS)
Description: Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attack.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3718
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis: