CVE-2007-5461
Detail
Deferred
This CVE record is not being prioritized for NVD enrichment efforts due to resource or other concerns.
Current Description
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
View Analysis Description
Analysis
Description
Absolute path traversal vulnerability in Apache Tomcat, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
Metrics
CVSS Version 4.0
CVSS Version 3.x
CVSS Version 2.0
NVD enrichment efforts reference publicly available information to associate
vector strings. CVSS information contributed by other sources is also
displayed.
CVSS 4.0 Severity and Vector Strings:
NVD assessment
not yet provided.
CVSS 3.x Severity and Vector Strings:
NVD assessment
not yet provided.
CVSS 2.0 Severity and Vector Strings:
Vector:
(AV:N/AC:M/Au:S/C:P/I:N/A:N)
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace.
We have provided these links to other web sites because they
may have information that would be of interest to you. No
inferences should be drawn on account of other sites being
referenced, or not, from this page. There may be other web
sites that are more appropriate for your purpose. NIST does
not necessarily endorse the views expressed, or concur with
the facts presented on these sites. Further, NIST does not
endorse any commercial products that may be mentioned on
these sites. Please address comments about this page to [email protected] .
URL
Source(s)
Tag(s)
http://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html
CVE, Inc., Red Hat
http://issues.apache.org/jira/browse/GERONIMO-3549
CVE, Inc., Red Hat
http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
CVE, Inc., Red Hat
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
CVE, Inc., Red Hat
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
CVE, Inc., Red Hat
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
CVE, Inc., Red Hat
http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705%40apache.org%3E
CVE, Inc., Red Hat
http://marc.info/?l=bugtraq&m=139344343412337&w=2
CVE, Inc., Red Hat
http://marc.info/?l=full-disclosure&m=119239530508382
CVE, Inc., Red Hat
Exploit
http://rhn.redhat.com/errata/RHSA-2008-0630.html
CVE, Inc., Red Hat
http://secunia.com/advisories/27398
CVE, Inc., Red Hat
http://secunia.com/advisories/27446
CVE, Inc., Red Hat
http://secunia.com/advisories/27481
CVE, Inc., Red Hat
http://secunia.com/advisories/27727
CVE, Inc., Red Hat
http://secunia.com/advisories/28317
CVE, Inc., Red Hat
http://secunia.com/advisories/28361
CVE, Inc., Red Hat
http://secunia.com/advisories/29242
CVE, Inc., Red Hat
http://secunia.com/advisories/29313
CVE, Inc., Red Hat
http://secunia.com/advisories/29711
CVE, Inc., Red Hat
http://secunia.com/advisories/30676
CVE, Inc., Red Hat
http://secunia.com/advisories/30802
CVE, Inc., Red Hat
http://secunia.com/advisories/30899
CVE, Inc., Red Hat
http://secunia.com/advisories/30908
CVE, Inc., Red Hat
http://secunia.com/advisories/31493
CVE, Inc., Red Hat
http://secunia.com/advisories/32120
CVE, Inc., Red Hat
http://secunia.com/advisories/32222
CVE, Inc., Red Hat
http://secunia.com/advisories/32266
CVE, Inc., Red Hat
http://secunia.com/advisories/37460
CVE, Inc., Red Hat
http://secunia.com/advisories/57126
CVE, Inc., Red Hat
http://security.gentoo.org/glsa/glsa-200804-10.xml
CVE, Inc., Red Hat
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
CVE, Inc., Red Hat
http://support.apple.com/kb/HT2163
CVE, Inc., Red Hat
http://support.apple.com/kb/HT3216
CVE, Inc., Red Hat
http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm
CVE, Inc., Red Hat
http://tomcat.apache.org/security-4.html
CVE, Inc., Red Hat
http://tomcat.apache.org/security-5.html
CVE, Inc., Red Hat
http://tomcat.apache.org/security-6.html
CVE, Inc., Red Hat
http://www-1.ibm.com/support/docview.wss?uid=swg21286112
CVE, Inc., Red Hat
http://www.debian.org/security/2008/dsa-1447
CVE, Inc., Red Hat
http://www.debian.org/security/2008/dsa-1453
CVE, Inc., Red Hat
http://www.mandriva.com/security/advisories?name=MDKSA-2007:241
CVE, Inc., Red Hat
http://www.mandriva.com/security/advisories?name=MDVSA-2009:136
CVE, Inc., Red Hat
http://www.redhat.com/support/errata/RHSA-2008-0042.html
CVE, Inc., Red Hat
http://www.redhat.com/support/errata/RHSA-2008-0195.html
CVE, Inc., Red Hat
http://www.redhat.com/support/errata/RHSA-2008-0261.html
CVE, Inc., Red Hat
http://www.redhat.com/support/errata/RHSA-2008-0862.html
CVE, Inc., Red Hat
http://www.securityfocus.com/archive/1/507985/100/0/threaded
CVE, Inc., Red Hat
http://www.securityfocus.com/bid/26070
CVE, Inc., Red Hat
http://www.securityfocus.com/bid/31681
CVE, Inc., Red Hat
http://www.securitytracker.com/id?1018864
CVE, Inc., Red Hat
http://www.vmware.com/security/advisories/VMSA-2008-0010.html
CVE, Inc., Red Hat
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2007/3622
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2007/3671
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2007/3674
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2008/1856/references
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2008/1979/references
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2008/1981/references
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2008/2780
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2008/2823
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2009/3316
CVE, Inc., Red Hat
https://exchange.xforce.ibmcloud.com/vulnerabilities/37243
CVE, Inc., Red Hat
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
CVE, Inc., Red Hat
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
CVE, Inc., Red Hat
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
CVE, Inc., Red Hat
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
CVE, Inc., Red Hat
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
CVE, Inc., Red Hat
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
CVE, Inc., Red Hat
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
CVE, Inc., Red Hat
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9202
CVE, Inc., Red Hat
https://www.exploit-db.com/exploits/4530
CVE, Inc., Red Hat
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
CVE, Inc., Red Hat
Weakness Enumeration
CWE-ID
CWE Name
Source
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
NIST
Change History
14 change records found show changes
CVE Modified by CVE 11/20/2024 7:37:56 PM
Action
Type
Old Value
New Value
Added
Reference
http://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html
Added
Reference
http://issues.apache.org/jira/browse/GERONIMO-3549
Added
Reference
http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
Added
Reference
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
Added
Reference
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
Added
Reference
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
Added
Reference
http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705%40apache.org%3E
Added
Reference
http://marc.info/?l=bugtraq&m=139344343412337&w=2
Added
Reference
http://marc.info/?l=full-disclosure&m=119239530508382
Added
Reference
http://rhn.redhat.com/errata/RHSA-2008-0630.html
Added
Reference
http://secunia.com/advisories/27398
Added
Reference
http://secunia.com/advisories/27446
Added
Reference
http://secunia.com/advisories/27481
Added
Reference
http://secunia.com/advisories/27727
Added
Reference
http://secunia.com/advisories/28317
Added
Reference
http://secunia.com/advisories/28361
Added
Reference
http://secunia.com/advisories/29242
Added
Reference
http://secunia.com/advisories/29313
Added
Reference
http://secunia.com/advisories/29711
Added
Reference
http://secunia.com/advisories/30676
Added
Reference
http://secunia.com/advisories/30802
Added
Reference
http://secunia.com/advisories/30899
Added
Reference
http://secunia.com/advisories/30908
Added
Reference
http://secunia.com/advisories/31493
Added
Reference
http://secunia.com/advisories/32120
Added
Reference
http://secunia.com/advisories/32222
Added
Reference
http://secunia.com/advisories/32266
Added
Reference
http://secunia.com/advisories/37460
Added
Reference
http://secunia.com/advisories/57126
Added
Reference
http://security.gentoo.org/glsa/glsa-200804-10.xml
Added
Reference
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
Added
Reference
http://support.apple.com/kb/HT2163
Added
Reference
http://support.apple.com/kb/HT3216
Added
Reference
http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm
Added
Reference
http://tomcat.apache.org/security-4.html
Added
Reference
http://tomcat.apache.org/security-5.html
Added
Reference
http://tomcat.apache.org/security-6.html
Added
Reference
http://www-1.ibm.com/support/docview.wss?uid=swg21286112
Added
Reference
http://www.debian.org/security/2008/dsa-1447
Added
Reference
http://www.debian.org/security/2008/dsa-1453
Added
Reference
http://www.mandriva.com/security/advisories?name=MDKSA-2007:241
Added
Reference
http://www.mandriva.com/security/advisories?name=MDVSA-2009:136
Added
Reference
http://www.redhat.com/support/errata/RHSA-2008-0042.html
Added
Reference
http://www.redhat.com/support/errata/RHSA-2008-0195.html
Added
Reference
http://www.redhat.com/support/errata/RHSA-2008-0261.html
Added
Reference
http://www.redhat.com/support/errata/RHSA-2008-0862.html
Added
Reference
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Added
Reference
http://www.securityfocus.com/bid/26070
Added
Reference
http://www.securityfocus.com/bid/31681
Added
Reference
http://www.securitytracker.com/id?1018864
Added
Reference
http://www.vmware.com/security/advisories/VMSA-2008-0010.html
Added
Reference
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Added
Reference
http://www.vupen.com/english/advisories/2007/3622
Added
Reference
http://www.vupen.com/english/advisories/2007/3671
Added
Reference
http://www.vupen.com/english/advisories/2007/3674
Added
Reference
http://www.vupen.com/english/advisories/2008/1856/references
Added
Reference
http://www.vupen.com/english/advisories/2008/1979/references
Added
Reference
http://www.vupen.com/english/advisories/2008/1981/references
Added
Reference
http://www.vupen.com/english/advisories/2008/2780
Added
Reference
http://www.vupen.com/english/advisories/2008/2823
Added
Reference
http://www.vupen.com/english/advisories/2009/3316
Added
Reference
https://exchange.xforce.ibmcloud.com/vulnerabilities/37243
Added
Reference
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
Added
Reference
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
Added
Reference
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
Added
Reference
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
Added
Reference
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
Added
Reference
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
Added
Reference
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
Added
Reference
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9202
Added
Reference
https://www.exploit-db.com/exploits/4530
Added
Reference
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
CVE Modified by Red Hat, Inc. 5/13/2024 9:48:31 PM
Action
Type
Old Value
New Value
CVE Modified by Red Hat, Inc. 11/06/2023 9:01:18 PM
Action
Type
Old Value
New Value
Added
Reference
Red Hat, Inc. http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705%40apache.org%3E [No types assigned]
Added
Reference
Red Hat, Inc. https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E [No types assigned]
Added
Reference
Red Hat, Inc. https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E [No types assigned]
Added
Reference
Red Hat, Inc. https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E [No types assigned]
Added
Reference
Red Hat, Inc. https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E [No types assigned]
Added
Reference
Red Hat, Inc. https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E [No types assigned]
Added
Reference
Red Hat, Inc. https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E [No types assigned]
Added
Reference
Red Hat, Inc. https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E [No types assigned]
Removed
Reference
Red Hat, Inc. http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%[email protected] %3E
Removed
Reference
Red Hat, Inc. https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
Removed
Reference
Red Hat, Inc. https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
Removed
Reference
Red Hat, Inc. https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
Removed
Reference
Red Hat, Inc. https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
Removed
Reference
Red Hat, Inc. https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
Removed
Reference
Red Hat, Inc. https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
Removed
Reference
Red Hat, Inc. https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
CVE Modified by Red Hat, Inc. 2/13/2020 12:15:18 PM
Action
Type
Old Value
New Value
Added
Reference
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E [No Types Assigned]
Added
Reference
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E [No Types Assigned]
CVE Modified by Red Hat, Inc. 2/03/2020 7:15:13 AM
Action
Type
Old Value
New Value
Added
Reference
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E [No Types Assigned]
CVE Modified by Red Hat, Inc. 3/25/2019 7:29:51 AM
Action
Type
Old Value
New Value
Added
Reference
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E [No Types Assigned]
Added
Reference
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E [No Types Assigned]
CVE Modified by Red Hat, Inc. 3/21/2019 11:39:45 AM
Action
Type
Old Value
New Value
Added
Reference
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E [No Types Assigned]
Added
Reference
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E [No Types Assigned]
CVE Modified by Red Hat, Inc. 10/15/2018 5:44:57 PM
Action
Type
Old Value
New Value
Added
Reference
http://www.securityfocus.com/archive/1/507985/100/0/threaded [No Types Assigned]
Removed
Reference
http://www.securityfocus.com/archive/1/archive/1/507985/100/0/threaded [No Types Assigned]
CVE Modified by Red Hat, Inc. 9/28/2017 9:29:37 PM
Action
Type
Old Value
New Value
Added
Reference
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9202 [No Types Assigned]
Added
Reference
https://www.exploit-db.com/exploits/4530 [No Types Assigned]
Removed
Reference
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9202 [No Types Assigned]
Removed
Reference
http://www.milw0rm.com/exploits/4530 [Exploit]
CVE Modified by Red Hat, Inc. 7/28/2017 9:33:41 PM
Action
Type
Old Value
New Value
Added
Reference
https://exchange.xforce.ibmcloud.com/vulnerabilities/37243 [No Types Assigned]
Removed
Reference
http://xforce.iss.net/xforce/xfdb/37243 [No Types Assigned]
CVE Translated by NIST 10/24/2016 11:45:01 PM
Action
Type
Old Value
New Value
Added
Translation
Vulnerabilidad de salto de ruta absoluta en Apache Tomcat 4.0.0 hasta la versión 4.0.6, 4.1.0, 5.0.0, 5.5.0 hasta la versión 5.5.25 y 6.0.0 hasta la versión 6.0.14, bajo determinadas configuraciones, permite a usuarios remotos autenticados leer archivos arbitrarios a través de una petición de escritura WebDAV que especifica una entidad con una etiqueta SYSTEM.
Removed
Translation
Vulnerabilidad de salto de ruta absoluta en Apache Tomcat 4.0.0 hasta 4.0.6, 4.1.0, 5.0.0, 5.5.0 hasta 5.5.25, y 6.0.0 hasta 6.0.14, bajo determinadas configuraciones, permite a usuarios remotos autenticados leer ficheros de su elección mediante una petición de escritura WebDAV que especifica una entidad con una etiqueta SYSTEM.
Modified Analysis by NIST 10/24/2016 2:30:11 PM
Action
Type
Old Value
New Value
Changed
CPE Configuration
Configuration 1
OR
*cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
Record truncated, showing 2048 of 2470 characters.
View Entire Change Record
Configuration 1
OR
*cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.35:*:*:*:*:*:*:*
*cpe:2.3
Initial CVE Analysis 10/24/2016 2:25:53 PM
Action
Type
Old Value
New Value
Changed
CPE Configuration
Configuration 1
OR
*cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
Record truncated, showing 2048 of 2470 characters.
View Entire Change Record
Configuration 1
OR
*cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*
*cpe:2.3:a:apache:tomcat:4.1.35:*:*:*:*:*:*:*
*cpe:2.3
Initial CVE Analysis 10/16/2007 5:55:00 AM
Action
Type
Old Value
New Value
Quick Info
CVE Dictionary Entry: CVE-2007-5461 NVD
Published Date: 10/15/2007 NVD
Last Modified: 04/08/2025
Source: Red Hat, Inc.