Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRedhatCVELIST:CVE-2007-3382
HistoryAug 14, 2007 - 10:00 p.m.

CVE-2007-3382

2007-08-1422:00:00
redhat
www.cve.org
2

7.3 High

AI Score

Confidence

High

0.066 Low

EPSS

Percentile

93.8%

JSON

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes (β€œ'”) as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.

References

Related

prion 1
osv 3
nvd 1
securityvulns 2
cert 1
cve 1
github 1
ubuntucve 1
veracode 1
redhat 7
seebug 1
centos 1
openvas 30
nessus 24
oraclelinux 1
debian 2
atlassian 2
tomcat 3
fedora 5
altlinux 1
prion
prion
Session fixation
2007-08-14 22:17:00
osv
osv
Apache Tomcat treats single quotes as delimiters in cookies
2022-05-01 18:13:14
tomcat5 - several vulnerabilities
2008-01-07 00:00:00
tomcat5.5 several vulnerabilities
2008-01-03 00:00:00
nvd
nvd
CVE-2007-3382
2007-08-14 22:17:00
securityvulns
securityvulns
CVE-2007-3382: Handling of cookies containing a ' character
2007-08-14 00:00:00
CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)
2009-01-28 00:00:00
cert
cert
Apache Tomcat fails to properly handle cookies containing single quotes
2007-08-14 00:00:00
cve
cve
CVE-2007-3382
2007-08-14 22:17:00
github
github
Apache Tomcat treats single quotes as delimiters in cookies
2022-05-01 18:13:14
ubuntucve
ubuntucve
CVE-2007-3382
2007-08-14 00:00:00
veracode
veracode
Session Hijacking
2018-11-13 05:10:16
redhat
redhat
(RHSA-2007:0950) Moderate: JBoss Enterprise Application Platform security update
2007-11-05 00:00:00
(RHSA-2007:0871) Moderate: tomcat security update
2007-09-26 00:00:00
(RHSA-2008:0195) Moderate: tomcat security update
2008-04-28 00:00:00
seebug
seebug
Apache Tomcat倚δΈͺθΏœη¨‹δΏ‘ζ―ζ³„ιœ²ζΌζ΄ž
2007-08-23 00:00:00
centos
centos
tomcat5 security update
2007-09-28 08:11:50
openvas
openvas
Debian Security Advisory DSA 1453-1 (tomcat5)
2008-01-17 00:00:00
Oracle: Security Advisory (ELSA-2007-0871)
2015-10-08 00:00:00
Debian: Security Advisory (DSA-1453-1)
2008-01-17 00:00:00
nessus
nessus
Oracle Linux 5 : tomcat (ELSA-2007-0871)
2013-07-12 00:00:00
Debian DSA-1453-1 : tomcat5 - several vulnerabilities
2008-01-08 00:00:00
CentOS 5 : tomcat (CESA-2007:0871)
2010-01-06 00:00:00
oraclelinux
oraclelinux
Moderate: tomcat security update
2007-09-26 00:00:00
debian
debian
[SECURITY] [DSA 1453-1] New tomcat5 packages fix several vulnerabilities
2008-01-07 18:41:20
[SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities
2008-01-03 21:54:49
atlassian
atlassian
Upgrade standalone Tomcat to 5.5.25
2008-01-15 04:23:59
Upgrade standalone Tomcat to 5.5.25
2008-01-15 04:23:59
tomcat
tomcat
Fixed in Apache Tomcat 6.0.14
2007-08-13 00:00:00
Fixed in Apache Tomcat 5.5.25, 5.0.SVN
2007-09-08 00:00:00
Fixed in Apache Tomcat 4.1.37
2005-10-06 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: tomcat5-5.5.25-1jpp.1.fc8
2007-11-17 05:37:36
[SECURITY] Fedora 7 Update: tomcat5-5.5.25-1jpp.1.fc7
2007-11-17 05:34:43
[SECURITY] Fedora 7 Update: tomcat5-5.5.26-1jpp.2.fc7
2008-02-13 04:55:03
altlinux
altlinux
Security fix for the ALT Linux 5 package tomcat5 version 0:5.5.25-alt1_1.1jpp5.0
2007-11-30 00:00:00

7.3 High

AI Score

Confidence

High

0.066 Low

EPSS

Percentile

93.8%

JSON
Related for CVELIST:CVE-2007-3382
prion1osv3nvd1securityvulns2cert1cve1github1ubuntucve1veracode1redhat7seebug1centos1openvas30nessus24oraclelinux1debian2atlassian2tomcat3fedora5altlinux1