[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

246852

 
 

909

 
 

194149

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

CVE-2017-12617 -- tomcat7, libservlet3.0-java

ID: oval:org.secpod.oval:def:1900224Date: (C)2019-03-29   (M)2023-12-20
Class: VULNERABILITYFamily: unix




When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22,8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.

Platform:
Ubuntu 16.04
Ubuntu 18.10
Ubuntu 18.04
Product:
tomcat7
libservlet3.0-java
Reference:
CVE-2017-12617
CVE    1
CVE-2017-12617
CPE    4
cpe:/o:ubuntu:ubuntu_linux:16.04
cpe:/o:ubuntu:ubuntu_linux:18.04
cpe:/o:ubuntu:ubuntu_linux:18.10
cpe:/a:apache:tomcat7
...

© SecPod Technologies