cpe:/a:apache:tomcat:5.5.0 cpe:/a:apache:tomcat:5.5.1 cpe:/a:apache:tomcat:5.5.2 cpe:/a:apache:tomcat:5.5.3 cpe:/a:apache:tomcat:5.5.4 cpe:/a:apache:tomcat:5.5.5 cpe:/a:apache:tomcat:5.5.6 cpe:/a:apache:tomcat:5.5.7 cpe:/a:apache:tomcat:5.5.8 cpe:/a:apache:tomcat:5.5.9 cpe:/a:apache:tomcat:5.5.10 cpe:/a:apache:tomcat:5.5.11 cpe:/a:apache:tomcat:5.5.12 cpe:/a:apache:tomcat:5.5.13 cpe:/a:apache:tomcat:5.5.14 cpe:/a:apache:tomcat:5.5.15 cpe:/a:apache:tomcat:5.5.16 cpe:/a:apache:tomcat:5.5.17 cpe:/a:apache:tomcat:5.5.18 cpe:/a:apache:tomcat:5.5.19 cpe:/a:apache:tomcat:5.5.20 cpe:/a:apache:tomcat:5.5.21 cpe:/a:apache:tomcat:5.5.22 cpe:/a:apache:tomcat:5.5.23 cpe:/a:apache:tomcat:5.5.24 cpe:/a:apache:tomcat:5.5.25 cpe:/a:apache:tomcat:5.5.26 cpe:/a:apache:tomcat:5.5.27 cpe:/a:apache:tomcat:5.5.28 cpe:/a:apache:tomcat:5.5.29 cpe:/a:apache:tomcat:5.5.30 cpe:/a:apache:tomcat:5.5.31 cpe:/a:apache:tomcat:5.5.32 cpe:/a:apache:tomcat:5.5.33 cpe:/a:apache:tomcat:6.0 cpe:/a:apache:tomcat:6.0.0 cpe:/a:apache:tomcat:6.0.1 cpe:/a:apache:tomcat:6.0.2 cpe:/a:apache:tomcat:6.0.3 cpe:/a:apache:tomcat:6.0.4 cpe:/a:apache:tomcat:6.0.5 cpe:/a:apache:tomcat:6.0.6 cpe:/a:apache:tomcat:6.0.7 cpe:/a:apache:tomcat:6.0.8 cpe:/a:apache:tomcat:6.0.9 cpe:/a:apache:tomcat:6.0.10 cpe:/a:apache:tomcat:6.0.11 cpe:/a:apache:tomcat:6.0.12 cpe:/a:apache:tomcat:6.0.13 cpe:/a:apache:tomcat:6.0.14 cpe:/a:apache:tomcat:6.0.15 cpe:/a:apache:tomcat:6.0.16 cpe:/a:apache:tomcat:6.0.17 cpe:/a:apache:tomcat:6.0.18 cpe:/a:apache:tomcat:6.0.19 cpe:/a:apache:tomcat:6.0.20 cpe:/a:apache:tomcat:6.0.24 cpe:/a:apache:tomcat:6.0.26 cpe:/a:apache:tomcat:6.0.27 cpe:/a:apache:tomcat:6.0.28 cpe:/a:apache:tomcat:6.0.29 cpe:/a:apache:tomcat:6.0.30 cpe:/a:apache:tomcat:6.0.31 cpe:/a:apache:tomcat:6.0.32 cpe:/a:apache:tomcat:7.0.0 cpe:/a:apache:tomcat:7.0.0:beta cpe:/a:apache:tomcat:7.0.1 cpe:/a:apache:tomcat:7.0.2 cpe:/a:apache:tomcat:7.0.3 cpe:/a:apache:tomcat:7.0.4 cpe:/a:apache:tomcat:7.0.5 cpe:/a:apache:tomcat:7.0.6 cpe:/a:apache:tomcat:7.0.7 cpe:/a:apache:tomcat:7.0.8 cpe:/a:apache:tomcat:7.0.9 cpe:/a:apache:tomcat:7.0.10 cpe:/a:apache:tomcat:7.0.11 cpe:/a:apache:tomcat:7.0.12 cpe:/a:apache:tomcat:7.0.14 cpe:/a:apache:tomcat:7.0.17 CVE-2011-2526 2011-07-14T19:55:06.020-04:00 2019-03-25T07:33:10.507-04:00 4.4 LOCAL MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2011-07-15T11:50:00.000-04:00 SECTRACK 1025788 BUGTRAQ 20110713 [SECURITY] CVE-2011-2526 Apache Tomcat Information disclosure and availability vulnerabilities SECUNIA 45232 SECUNIA 48308 BID 48667 OSVDB 73797 OSVDB 73798 DEBIAN DSA-2401 HP HPSBOV02762 HP HPSBST02955 HP HPSBUX02725 HP HPSBUX02860 MANDRIVA MDVSA-2011:156 REDHAT RHSA-2012:0074 REDHAT RHSA-2012:0075 REDHAT RHSA-2012:0076 REDHAT RHSA-2012:0077 REDHAT RHSA-2012:0078 REDHAT RHSA-2012:0325 HP SSRT100627 HP SSRT100825 HP SSRT101146 MLIST [tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ MLIST [tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ CONFIRM http://svn.apache.org/viewvc?view=revision&revision=1145383 CONFIRM http://svn.apache.org/viewvc?view=revision&revision=1145571 CONFIRM http://svn.apache.org/viewvc?view=revision&revision=1145694 CONFIRM http://svn.apache.org/viewvc?view=revision&revision=1146005 CONFIRM http://tomcat.apache.org/security-5.html CONFIRM http://tomcat.apache.org/security-6.html CONFIRM http://tomcat.apache.org/security-7.html CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=720948 XF tomcat-sendfile-info-disclosure(68541) Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application.