CVE-2009-0783
Published: 5 June 2009
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
Notes
Author | Note |
---|---|
mdeslaur | example PoC: https://issues.apache.org/bugzilla/show_bug.cgi?id=29936#c12 |
Priority
Status
Package | Release | Status |
---|---|---|
tomcat5 Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Needs triage
|
|
tomcat5.5 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Ignored
(end of life, was needed)
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Needs triage
|
|
Patches: upstream: http://svn.apache.org/viewvc?view=rev&revision=681156 upstream: http://svn.apache.org/viewvc?view=rev&revision=781542 |
||
tomcat6 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
intrepid |
Released
(6.0.18-0ubuntu3.2)
|
|
jaunty |
Released
(6.0.18-0ubuntu6.1)
|
|
karmic |
Not vulnerable
(6.0.20-1ubuntu1)
|
|
lucid |
Not vulnerable
(6.0.20-1ubuntu1)
|
|
maverick |
Not vulnerable
(6.0.20-1ubuntu1)
|
|
natty |
Not vulnerable
(6.0.20-1ubuntu1)
|
|
oneiric |
Not vulnerable
(6.0.20-1ubuntu1)
|
|
upstream |
Released
(6.0.20)
|
|
Patches: upstream: http://svn.apache.org/viewvc?view=rev&revision=652592 upstream: http://svn.apache.org/viewvc?view=rev&revision=739522 |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 4.2 |
Attack vector | Local |
Attack complexity | Low |
Privileges required | High |
User interaction | None |
Scope | Unchanged |
Confidentiality | Low |
Integrity impact | Low |
Availability impact | Low |
Vector | CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L |