Apache Tomcat WAR File Directory Traversal Vulnerability
Apache Tomcat is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input.
Exploiting this issue allows attackers to delete or overwrite arbitrary files within the context of the webserver.
The following versions are affected:
Tomcat 5.5.0 through 5.5.28
Tomcat 6.0.0 through 6.0.20