|
Apache Tomcat JULI Logging Component Default Security Policy Vulnerability
Apache Tomcat is prone to a vulnerability that can allow third-party web applications to write files to arbitrary locations with the privileges of Tomcat. This issue stems from an inadequate default security policy. Attackers can leverage this issue to write or overwrite arbitrary log file data in unauthorized locations. Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 are vulnerable. |
|
|
Privacy Statement |
