Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Apache Tomcat Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2013-4444 - Vulnerability Database
Apache Tomcat

Apache Tomcat Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2013-4444

Medium
Reference: CVE-2013-4444
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2013-4444
Title: Apache Tomcat Improper Control of Generation of Code (Code Injection) Vulnerability
Overview:

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40 in certain situations involving outdated java.io.File code and a custom JMX configuration allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.