CVE-2013-4444

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.

Date published : 2014-09-11

http://www.securityfocus.com/bid/69728

http://archives.neohapsis.com/archives/bugtraq/2014-09/0075.html