CVE-2009-0783
Description
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
Risk Information
Base Score
4.2
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.098
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update Tomcat to 9.5.14 | Windows |
| Update Tomcat to 9.5.5 | Windows |
| Update Tomcat to 9.5.7 | Windows |
| Update Tomcat to 9.5.8 | Windows |
| Update Tomcat to 9.6.10 | Windows |
| Update Tomcat to 9.6.3 | Windows |
| Update Tomcat to 9.6.4 | Windows |
| Update Tomcat to 9.6.7 | Windows |
| Update Tomcat to 9.6.8 | Windows |
| Update Tomcat to 2.4.5 | Windows |
| Update Tomcat to 3.0.14 | Windows |
| Vulnerabilities CVE-2008-5515,CVE-2009-0783,CVE-2009-0781 are fixed in Apache - tomcat 6.0.20 | Windows |
| Multiple Vulnerabilities are affected in IBM Tivoli Application Dependency Discovery Manager 7.3.0.9 | Windows |
| Vulnerabilities CVE-2009-0781,CVE-2009-0783,CVE-2009-0033 are affected in Apache - tomcat 4.1.39 | Windows |
| Update Tomcat to 9.5.14 (For Linux) | Linux |
| Update Tomcat to 9.5.5 (For Linux) | Linux |
| Update Tomcat to 9.5.7 (For Linux) | Linux |
| Update Tomcat to 9.5.8 (For Linux) | Linux |
| Update Tomcat to 9.6.10 (For Linux) | Linux |
| Update Tomcat to 9.6.3 (For Linux) | Linux |
| Update Tomcat to 9.6.4 (For Linux) | Linux |
| Update Tomcat to 9.6.7 (For Linux) | Linux |
| Update Tomcat to 9.6.8 (For Linux) | Linux |
| Update Tomcat to 2.4.5 (For Linux) | Linux |
| Update Tomcat to 3.0.14 (For Linux) | Linux |
| Vulnerabilities CVE-2008-5515,CVE-2009-0783,CVE-2009-0781 are fixed in Apache - tomcat for Linux 6.0.20 | Linux |
| Vulnerabilities CVE-2009-0781,CVE-2009-0783,CVE-2009-0033 are affected in Apache - tomcat for Linux 4.1.39 | Linux |
| Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-0783) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234