{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"low"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2007-5461","title":"Title"},{"category":"description","text":"Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2007-5461","url":"https://www.suse.com/security/cve/CVE-2007-5461"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 334476 for CVE-2007-5461","url":"https://bugzilla.suse.com/334476"},{"category":"external","summary":"SUSE Bug 349102 for CVE-2007-5461","url":"https://bugzilla.suse.com/349102"},{"category":"external","summary":"SUSE Bug 397563 for CVE-2007-5461","url":"https://bugzilla.suse.com/397563"},{"category":"external","summary":"SUSE Bug 427726 for CVE-2007-5461","url":"https://bugzilla.suse.com/427726"},{"category":"external","summary":"Advisory link for SUSE-SR:2008:005","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LMTVE4EZQNOFAC75PBBXSBZFINGTVNEL/#LMTVE4EZQNOFAC75PBBXSBZFINGTVNEL"},{"category":"external","summary":"Advisory link for SUSE-SR:2009:004","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BPPEFMFC7GCUUZ5CIPX7VFYKXZCRGT5N/#BPPEFMFC7GCUUZ5CIPX7VFYKXZCRGT5N"},{"category":"external","summary":"Advisory link for TID7002362","url":"https://www.suse.com/support/kb/doc/?id=7002362"}],"title":"SUSE CVE CVE-2007-5461","tracking":{"current_release_date":"2023-12-09T03:40:00Z","generator":{"date":"2023-02-15T06:10:31Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2007-5461","initial_release_date":"2023-02-15T06:10:31Z","revision_history":[{"date":"2023-02-15T06:10:31Z","number":"2","summary":"Current version"},{"date":"2023-12-08T05:17:56Z","number":"3","summary":"Current version"},{"date":"2023-12-09T03:40:00Z","number":"4","summary":"Current version"}],"status":"interim","version":"4"}}}