Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2014-7810
Description:The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
Test IDs: 1.3.6.1.4.1.25623.1.0.805702   1.3.6.1.4.1.25623.1.0.805701   1.3.6.1.4.1.25623.1.0.703428   1.3.6.1.4.1.25623.1.0.871581   1.3.6.1.4.1.25623.1.0.882434   1.3.6.1.4.1.25623.1.0.122909   1.3.6.1.4.1.25623.1.1.4.2015.1281.1   1.3.6.1.4.1.25623.1.1.4.2015.1337.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2014-7810
BugTraq ID: 74665
http://www.securityfocus.com/bid/74665
Debian Security Information: DSA-3428 (Google Search)
http://www.debian.org/security/2015/dsa-3428
Debian Security Information: DSA-3447 (Google Search)
http://www.debian.org/security/2016/dsa-3447
Debian Security Information: DSA-3530 (Google Search)
http://www.debian.org/security/2016/dsa-3530
HPdes Security Advisory: HPSBUX03561
http://marc.info/?l=bugtraq&m=145974991225029&w=2
https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
RedHat Security Advisories: RHSA-2015:1621
http://rhn.redhat.com/errata/RHSA-2015-1621.html
RedHat Security Advisories: RHSA-2015:1622
http://rhn.redhat.com/errata/RHSA-2015-1622.html
RedHat Security Advisories: RHSA-2016:0492
http://rhn.redhat.com/errata/RHSA-2016-0492.html
RedHat Security Advisories: RHSA-2016:2046
http://rhn.redhat.com/errata/RHSA-2016-2046.html
http://www.securitytracker.com/id/1032330
http://www.ubuntu.com/usn/USN-2654-1
http://www.ubuntu.com/usn/USN-2655-1




© 1998-2024 E-Soft Inc. All rights reserved.