1
Candidate: CVE-2011-3376
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3376
6
org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x
7
before 7.0.22 does not properly restrict ContainerServlets in the Manager
8
application, which allows local users to gain privileges by using an
9
untrusted web application to access the Manager application's
15
Discovered-by: Ate Douma
19
upstream: http://svn.apache.org/viewvc?view=revision&revision=1176588
20
upstream_tomcat7: released (7.0.22-1)
25
oneiric_tomcat7: released (7.0.21-1ubuntu0.1)
26
precise_tomcat7: not-affected (7.0.22-1)
27
quantal_tomcat7: not-affected (7.0.22-1)
28
devel_tomcat7: not-affected (7.0.22-1)