PT-2013-1046 · Oracle+1 · Oracle Java+1

Published 2013-05-09 · Updated 2022-05-13 · CVE-2013-4444

CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 7.0.0 through 7.0.39

Description: The issue allows remote attackers to execute arbitrary code by uploading and accessing a JSP file, in certain situations involving outdated java.io.File code and a custom JMX configuration. For this attack to succeed, specific requirements must be met, including the use of Oracle Java 1.7.0 update 25 or earlier, a web application deployed to a vulnerable version of Tomcat, and a custom listener for JMX connections. The Tomcat security documentation recommends against having a file location within a deployed web application writeable by the user the Tomcat process is running as.

Recommendations: For Apache Tomcat versions 7.0.0 through 7.0.39, update to version 7.0.40 or later to resolve the issue. As a temporary workaround, consider disabling the use of the Servlet 3.0 File Upload feature and restricting access to custom JMX listeners. Additionally, ensure that file locations within deployed web applications are not writeable by the user the Tomcat process is running as, and avoid using Oracle Java 1.7.0 update 25 or earlier.
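The last recommendation above is the one an operator can verify on a host today: no file or directory inside a deployed web application should be writable by the account Tomcat runs as. The script below is an added example, not part of this advisory or of the Tomcat project; it walks a webapps tree and lists every entry the service account could write, either because it owns the entry, because its primary group has write access, or because the entry is world-writable. The webapps path and the account name "tomcat" are assumptions to be replaced with your own.

```shell
#!/bin/sh
# Added example (not from the advisory): audit a Tomcat webapps tree for
# locations the Tomcat service account could write to.
# Assumed values: TOMCAT_WEBAPPS (e.g. /opt/tomcat/webapps) and the account
# name "tomcat"; adjust both for your deployment.

# audit_writable DIR USER
# Prints every entry under DIR that the account USER can write:
#   - entries owned by USER (the owner can always chmod and then write),
#   - entries writable by USER's primary group,
#   - entries writable by "others" (any local account can write them).
# If USER does not exist on this host, only the world-writable check runs.
audit_writable() {
    dir="$1"
    user="$2"
    if id "$user" >/dev/null 2>&1; then
        grp=$(id -gn "$user")
        find "$dir" \( -user "$user" -o -perm -o=w \
                       -o \( -group "$grp" -perm -g=w \) \) -print
    else
        echo "audit_writable: account '$user' not found; checking world-writable entries only" >&2
        find "$dir" -perm -o=w -print
    fi
}

# count_writable DIR USER
# Same check, but prints the number of offending entries (0 means clean),
# which is convenient as a deployment gate or a cron-driven alert.
count_writable() {
    audit_writable "$1" "$2" | wc -l | tr -d ' '
}

# Stand-alone use:
#   TOMCAT_WEBAPPS=/opt/tomcat/webapps TOMCAT_USER=tomcat sh audit_webapps.sh
if [ -n "${TOMCAT_WEBAPPS:-}" ]; then
    acct="${TOMCAT_USER:-tomcat}"
    audit_writable "$TOMCAT_WEBAPPS" "$acct"
    echo "$(count_writable "$TOMCAT_WEBAPPS" "$acct") writable location(s) found under $TOMCAT_WEBAPPS for account $acct"
fi
```

A non-zero count is a finding to fix with chown/chmod (or by moving upload and work directories outside the deployed application), not merely a warning: the advisory's attack path needs exactly such a writable location inside the web application.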

Tags: Fix · RCE · Code Injection


Weakness Enumeration

Related Identifiers

BDU:2015-00410
CVE-2013-4444
DSA-3447-1
GHSA-H6C8-X5R3-PM88

Affected Products

Apache Tomcat
Oracle Java