NVD

Id
40050  
Name
CVE-2013-4444  
Description
Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2014-09-11  
Modified Date
2017-01-06  
Seq
2013-4444  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
203750 40050 CVE-2013-4444 20140910 CVE-2013-4444 Remote Code Execution in Apache Tomcat  View
203751 40050 CVE-2013-4444 HPSBOV03503  View
203752 40050 CVE-2013-4444 [oss-security] 20141024 Re: Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185  View
203753 40050 CVE-2013-4444 http://tomcat.apache.org/security-7.html  View
203754 40050 CVE-2013-4444 DSA-3447  View
203755 40050 CVE-2013-4444 http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html  View
203756 40050 CVE-2013-4444 69728  View
203757 40050 CVE-2013-4444 1030834  View
203758 40050 CVE-2013-4444 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
25068 JVNDB-2013-006643 Apache Tomcat における任意のコードを実行される脆弱性 Apache Tomcat には、ファイルをアップロードされることにより、任意のコードを実行される脆弱性が存在します。 CVE-2013-4444 64386 CVE-2013-4444 40050 6.8 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-006643.html 2013-05-09 2016-11-22 View