CVE-2011-4367

Apache MyFaces Core <2.0.12, <2.1.6 - Path Traversal

Description

Multiple directory traversal vulnerabilities in MyFaces JavaServer Faces (JSF) in Apache MyFaces Core 2.0.x before 2.0.12 and 2.1.x before 2.1.6 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) ln parameter to faces/javax.faces.resource/web.xml or (2) the PATH_INFO to faces/javax.faces.resource/.

Exploits (4)

exploitdb WORKING POC VERIFIED
by Paul Nicolucci · text · remote · multiple
https://www.exploit-db.com/exploits/36681
nomisec STUB
by dawetmaster · poc
https://github.com/dawetmaster/CVE-2011-4367-myfaces-vulnerable
nomisec WRITEUP
by andikahilmy · poc
https://github.com/andikahilmy/CVE-2011-4367-myfaces-vulnerable
nomisec STUB
by shoucheng3 · poc
https://github.com/shoucheng3/apache__myfaces_CVE-2011-4367_2-0-11

Scores

EPSS 0.8592
EPSS Percentile 99.4%

Details

CWE
CWE-22
Status published
Products (2)
apache/myfaces 2.0.1 - 2.0.11
org.apache.myfaces.core/myfaces-impl 2.0.0 - 2.0.12 (Maven)
Published Jun 19, 2014
Tracked Since Feb 18, 2026