#VU64553 Permissions, Privileges, and Access Controls in Apache Tomcat - CVE-2014-0119
Published: June 21, 2022
Vulnerability identifier: #VU64553
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2014-0119
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Apache Tomcat
Apache Tomcat
Software vendor:
Apache Foundation
Apache Foundation
Description
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to Apache Tomcat does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet. A remote attacker can read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or read files associated with different web applications on a single Tomcat instance via a crafted web application.
Remediation
Install updates from vendor's website.
External links
- http://advisories.mageia.org/MGASA-2014-0268.html
- http://marc.info/?l=bugtraq&m=141017844705317&w=2
- http://marc.info/?l=bugtraq&m=144498216801440&w=2
- http://rhn.redhat.com/errata/RHSA-2015-0675.html
- http://rhn.redhat.com/errata/RHSA-2015-0720.html
- http://rhn.redhat.com/errata/RHSA-2015-0765.html
- http://seclists.org/fulldisclosure/2014/Dec/23
- http://seclists.org/fulldisclosure/2014/May/141
- http://secunia.com/advisories/59732
- http://secunia.com/advisories/59873
- http://secunia.com/advisories/60729
- http://svn.apache.org/viewvc?view=revision&revision=1588193
- http://svn.apache.org/viewvc?view=revision&revision=1588199
- http://svn.apache.org/viewvc?view=revision&revision=1589640
- http://svn.apache.org/viewvc?view=revision&revision=1589837
- http://svn.apache.org/viewvc?view=revision&revision=1589980
- http://svn.apache.org/viewvc?view=revision&revision=1589983
- http://svn.apache.org/viewvc?view=revision&revision=1589985
- http://svn.apache.org/viewvc?view=revision&revision=1589990
- http://svn.apache.org/viewvc?view=revision&revision=1589992
- http://svn.apache.org/viewvc?view=revision&revision=1589997
- http://svn.apache.org/viewvc?view=revision&revision=1590028
- http://svn.apache.org/viewvc?view=revision&revision=1590036
- http://svn.apache.org/viewvc?view=revision&revision=1593815
- http://svn.apache.org/viewvc?view=revision&revision=1593821
- http://tomcat.apache.org/security-6.html
- http://tomcat.apache.org/security-7.html
- http://tomcat.apache.org/security-8.html
- http://www.debian.org/security/2016/dsa-3530
- http://www.debian.org/security/2016/dsa-3552
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:053
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
- http://www.securityfocus.com/archive/1/534161/100/0/threaded
- http://www.securityfocus.com/bid/67669
- http://www.securitytracker.com/id/1030298
- http://www.ubuntu.com/usn/USN-2654-1
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- http://www-01.ibm.com/support/docview.wss?uid=swg21678231
- http://www-01.ibm.com/support/docview.wss?uid=swg21681528
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
- https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E