CVE-2007-5342
Description
Apache Tomcat's default catalina.policy in JULI logging allows web applications to modify logging configuration and overwrite arbitrary files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The default catalina.policy shipped with the JULI logging component of Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not properly restrict the permissions that end up available to web applications [1][2]. JULI reads a per-application logging configuration (WEB-INF/classes/logging.properties), and the default policy left the handlers created from that file free to write outside the application's own log location. A web application can therefore set the level, directory and prefix attributes of an org.apache.juli.FileHandler so that log output is written to a location of its choosing, which the advisory describes as arbitrary file overwrite [2].
Exploitation
An attacker needs to deploy a web application to the Tomcat instance, or already be able to change the files of a deployed one, because the hostile input is the application's own logging.properties rather than anything supplied in a request. By declaring a FileHandler whose directory (and prefix) point elsewhere, the attacker has JULI write its log file anywhere the Tomcat process can write [2]. Two caveats matter in practice. First, catalina.policy is only enforced when Tomcat runs under a Java SecurityManager (the -security start option); on an instance started without it, web applications were never confined and this issue adds nothing. Second, JULI's FileHandler builds each file name from the configured prefix, the current date and a suffix (default .log), so the attacker chooses the directory and most of the name but not all of it, and the file content is whatever the logging subsystem emits at the chosen level.
Impact
Successful exploitation lets the attacker write files anywhere the Tomcat process has write access, which can lead to denial of service, privilege escalation or remote code execution if the written file displaces something sensitive such as a configuration or class file [2]. Because the payload is log output, the attacker's control over file content is indirect and limited to what gets logged at the selected level; the real significance is that a web application the operator believed to be sandboxed can break out of the SecurityManager's file-system confinement.
Mitigation
Apache Tomcat 5.5.26 and 6.0.16 fixed this issue by tightening the default security policy [1][3]; users should upgrade to those versions or later. Because the fix is a change to the default conf/catalina.policy, an operator who cannot upgrade can compare the local policy against the patched default and apply the same restriction to the grant for the JULI code base, though the references themselves document no workaround. Tomcat 5.5.x and 6.0.x have reached end of life and receive no further security fixes; users are advised to move to a supported branch such as 9.0.x [1][3].
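The two halves of this issue, a web application's logging.properties that aims a JULI FileHandler outside the logs directory and a catalina.policy grant broad enough to let it succeed, can both be audited from the files on disk. The script below is an added example, not Tomcat project code, and it does not reproduce the exact pre- or post-fix policy: the sample logging.properties and the two policy grants are constructed to have the shape of the real files (the over-broad grant is an assumed illustration of the weak default), and the path /opt/tomcat stands in for ${catalina.base}.

```python
"""Audit checks for the CVE-2007-5342 pattern in Apache Tomcat JULI logging.

Added example, not Tomcat project code. Two checks:
  1. does a web application's logging.properties point an
     org.apache.juli.FileHandler outside ${catalina.base}/logs, and
  2. does the conf/catalina.policy grant for tomcat-juli.jar allow writes
     outside that directory (for example via java.security.AllPermission).
The sample files below are constructed to have the shape of the real ones.
"""
import posixpath
import re

# Constructed sample: a hostile WEB-INF/classes/logging.properties. The second
# handler writes into the ROOT web application instead of the logs directory.
HOSTILE_LOGGING_PROPERTIES = """\
handlers = 1app.org.apache.juli.FileHandler, 2evil.org.apache.juli.FileHandler
1app.org.apache.juli.FileHandler.level = INFO
1app.org.apache.juli.FileHandler.directory = ${catalina.base}/logs
1app.org.apache.juli.FileHandler.prefix = app.
2evil.org.apache.juli.FileHandler.level = ALL
2evil.org.apache.juli.FileHandler.directory = ${catalina.base}/webapps/ROOT
2evil.org.apache.juli.FileHandler.prefix = index.
2evil.org.apache.juli.FileHandler.suffix = .jsp
"""

# Constructed samples of the tomcat-juli.jar grant in conf/catalina.policy.
# WEAK_POLICY is the assumed shape of an over-broad default; TIGHT_POLICY
# confines the handler to the logs tree. Neither is the verbatim Tomcat file.
WEAK_POLICY = """\
grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
        permission java.security.AllPermission;
};
"""
TIGHT_POLICY = """\
grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
        permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write";
        permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write";
        permission java.util.logging.LoggingPermission "control";
};
"""

JULI_FILE_HANDLER = "org.apache.juli.FileHandler"


def expand(value, env):
    """Expand ${name} placeholders from env; unknown names are left as written."""
    return re.sub(r"\$\{([^}]+)\}", lambda m: env.get(m.group(1), m.group(0)), value)


def parse_properties(text):
    """Minimal java.util.Properties reader: 'key = value' lines, # or ! comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        m = re.match(r"([^=:\s]+)\s*[=:]?\s*(.*)", line)
        if m:
            props[m.group(1)] = m.group(2).strip()
    return props


def _inside(path, root):
    """True when the normalised absolute path is root itself or below it."""
    path = posixpath.normpath(path)
    return path == root or path.startswith(root + "/")


def find_escaping_file_handlers(properties_text, catalina_base="/opt/tomcat"):
    """Return (handler, directory, filename_pattern) for every JULI FileHandler
    whose directory is not confined to ${catalina.base}/logs. JULI names each
    file prefix + yyyy-MM-dd + suffix, so the pattern shows what would land there."""
    props = parse_properties(properties_text)
    env = {"catalina.base": catalina_base, "file.separator": "/"}
    logs_dir = posixpath.join(catalina_base, "logs")
    escaping = []
    for handler in (h.strip() for h in props.get("handlers", "").split(",")):
        if not handler.endswith(JULI_FILE_HANDLER):
            continue
        directory = expand(props.get(handler + ".directory", "logs"), env)
        prefix = props.get(handler + ".prefix", "juli.")
        suffix = props.get(handler + ".suffix", ".log")
        # A relative directory resolves against the JVM working directory, which
        # the audit cannot know, so it is reported rather than assumed safe.
        if not posixpath.isabs(directory) or not _inside(directory, logs_dir):
            escaping.append((handler, posixpath.normpath(directory), f"{prefix}yyyy-MM-dd{suffix}"))
    return escaping


def juli_grant_is_too_broad(policy_text, catalina_base="/opt/tomcat"):
    """True if the tomcat-juli.jar grant carries AllPermission or a writable
    FilePermission whose target lies outside ${catalina.base}/logs."""
    m = re.search(r'grant\s+codeBase\s+"[^"]*tomcat-juli\.jar"\s*\{(.*?)\};', policy_text, re.S)
    if not m:
        return False  # no dedicated JULI grant: nothing extra is handed out here
    body = m.group(1)
    if "java.security.AllPermission" in body:
        return True
    env = {"catalina.base": catalina_base, "catalina.home": catalina_base, "file.separator": "/"}
    logs_dir = posixpath.join(catalina_base, "logs")
    for target, actions in re.findall(r'java\.io\.FilePermission\s+"([^"]+)"\s*,\s*"([^"]+)"', body):
        if "write" not in actions:
            continue
        if target == "<<ALL FILES>>":
            return True
        # Strip the '*' (one level) and '-' (recursive) wildcards before comparing.
        base = expand(target, env).rstrip("*-").rstrip("/") or "/"
        if not _inside(base, logs_dir):
            return True
    return False


if __name__ == "__main__":
    for finding in find_escaping_file_handlers(HOSTILE_LOGGING_PROPERTIES):
        print("handler escapes logs dir:", *finding)
    print("weak policy too broad:", juli_grant_is_too_broad(WEAK_POLICY))
    print("tight policy too broad:", juli_grant_is_too_broad(TIGHT_POLICY))
```

Run against a real installation by reading conf/catalina.policy and each deployed application's WEB-INF/classes/logging.properties into the two functions. A hit from juli_grant_is_too_broad only matters on instances started with -security; a hit from find_escaping_file_handlers is worth investigating either way, because a handler aimed at a web application directory with a .jsp suffix has no legitimate logging purpose.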
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Ecosystem | Affected versions | Patched versions |
|---|---|---|---|
| org.apache.tomcat:tomcat-juli | Maven | >= 5.5.9, <= 5.5.25 | — |
| org.apache.tomcat:tomcat-juli | Maven | >= 6.0.0, <= 6.0.15 | — |
Affected products
- cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- www.securityfocus.com/bid/27006 (nvd; patch, web)
- github.com/advisories/GHSA-w65j-cmqc-37p2 (ghsa; advisory)
- nvd.nist.gov/vuln/detail/CVE-2007-5342 (ghsa; advisory)
- lists.apple.com/archives/security-announce/2008/Oct/msg00001.html (nvd; web)
- lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html (nvd; web)
- marc.info (nvd; web)
- security.gentoo.org/glsa/glsa-200804-10.xml (nvd; web)
- securityreason.com/securityalert/3485 (nvd; web)
- support.apple.com/kb/HT3216 (nvd; web)
- support.avaya.com/elmodocs2/security/ASA-2008-401.htm (nvd; web)
- svn.apache.org/viewvc (nvd; web)
- tomcat.apache.org/security-5.html (nvd; web)
- tomcat.apache.org/security-6.html (nvd; web)
- www.debian.org/security/2008/dsa-1447 (nvd; web)
- www.mandriva.com/security/advisories (nvd; web)
- www.redhat.com/support/errata/RHSA-2008-0042.html (nvd; web)
- www.redhat.com/support/errata/RHSA-2008-0195.html (nvd; web)
- www.redhat.com/support/errata/RHSA-2008-0831.html (nvd; web)
- www.redhat.com/support/errata/RHSA-2008-0832.html (nvd; web)
- www.redhat.com/support/errata/RHSA-2008-0833.html (nvd; web)
- www.redhat.com/support/errata/RHSA-2008-0834.html (nvd; web)
- www.redhat.com/support/errata/RHSA-2008-0862.html (nvd; web)
- www.securityfocus.com/archive/1/485481/100/0/threaded (nvd; web)
- www.securityfocus.com/archive/1/507985/100/0/threaded (nvd; web)
- www.securityfocus.com/bid/31681 (nvd; web)
- www.vmware.com/security/advisories/VMSA-2008-0010.html (nvd; web)
- www.vmware.com/security/advisories/VMSA-2009-0016.html (nvd; web)
- exchange.xforce.ibmcloud.com/vulnerabilities/39201 (nvd; web)
- github.com/apache/tomcat/tree/main/java/org/apache/juli (ghsa; package)
- lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E (nvd, ghsa; web)
- lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E (nvd, ghsa; web)
- lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E (nvd, ghsa; web)
- lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E (nvd, ghsa; web)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10417 (nvd; web)
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html (nvd; web)
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html (nvd; web)
- osvdb.org/39833 (nvd)
- secunia.com/advisories/28274 (nvd)
- secunia.com/advisories/28317 (nvd)
- secunia.com/advisories/28915 (nvd)
- secunia.com/advisories/29313 (nvd)
- secunia.com/advisories/29711 (nvd)
- secunia.com/advisories/30676 (nvd)
- secunia.com/advisories/32120 (nvd)
- secunia.com/advisories/32222 (nvd)
- secunia.com/advisories/32266 (nvd)
- secunia.com/advisories/37460 (nvd)
- secunia.com/advisories/57126 (nvd)
- www.vupen.com/english/advisories/2008/0013 (nvd)
- www.vupen.com/english/advisories/2008/1856/references (nvd)
- www.vupen.com/english/advisories/2008/2780 (nvd)
- www.vupen.com/english/advisories/2008/2823 (nvd)
- www.vupen.com/english/advisories/2009/3316 (nvd)
News mentions
No linked articles in our index yet.