CVE-2009-0783

Name	CVE-2009-0783
Description	Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
Source	CVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
References	DSA-2207-1
NVD severity	medium (attack range: local)
Debian Bugs	532362, 532363, 532366
Debian/oldstable	not vulnerable.
Debian/stable	not vulnerable.
Debian/testing	not vulnerable.
Debian/unstable	not vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
tomcat6 (PTS)	squeeze (security), squeeze	6.0.35-1+squeeze4	fixed
	squeeze (lts)	6.0.41-2+squeeze6	fixed
	wheezy, wheezy (security)	6.0.35-6+deb7u1	fixed
	jessie, sid	6.0.41-3	fixed

The information above is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
tomcat5	source	(unstable)	(unfixed)	low		532363
tomcat5.5	source	(unstable)	(unfixed)	low		532366
tomcat5.5	source	lenny	5.5.26-5lenny2	medium	DSA-2207-1
tomcat6	source	(unstable)	6.0.20-1	low		532362
tomcat6	source	lenny	(not affected)

[lenny] - tomcat6 <not-affected> (Only ships the servlet package)