Vulnerabilities

CVE-2011-1419

by Fred · 14/03/2011

Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088.

Date published : 2011-03-14

http://www.securityfocus.com/bid/46685

http://svn.apache.org/viewvc?view=revision&revision=1079752

Similar

Tags: Cybersecurity Alert