[jboss-jira] [JBoss JIRA] Updated: (JBCOMMON-115) CVE-2009-2693

Thursday, 30 September 2010



     [
https://jira.jboss.org/browse/JBCOMMON-115?page=com.atlassian.jira.plugin...
]

Mike Millson updated JBCOMMON-115:
----------------------------------

    Fix Version/s: 2.2.18.GA 


...
 CVE-2009-2693
 -------------

                 Key: JBCOMMON-115
                 URL: https://jira.jboss.org/browse/JBCOMMON-115
             Project: JBoss Common
          Issue Type: Bug
      Security Level: Public(Everyone can see) 
          Components: common-core (2.x)
    Affects Versions:  2.2.17.GA
            Reporter: Mike Millson
            Assignee: Mike Millson
             Fix For: 2.2.18.GA 


 CVE-2009-2693: When deploying WAR files, the WAR files were not checked for directory
traversal attempts. This allows an attacker to create arbitrary content outside of the web
root by including entries such as ../../bin/catalina.sh in the WAR. 
-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-jira] [JBoss JIRA] Updated: (JBCOMMON-115) CVE-2009-2693