Lucene search

PRIOn knowledge basePRION:CVE-2011-0013

HistoryFeb 19, 2011 - 1:00 a.m.

Cross site scripting

2011-02-1901:00:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

45.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.

CPENameOperatorVersion
tomcateq7.0.1
tomcateq7.0.2
tomcateq7.0.5
tomcateq7.0.0
tomcateq7.0.4
tomcateq7.0.3
tomcateq6.0.6
tomcateq6.0.11
tomcateq6.0.7
tomcateq6.0.4

Name	Operator	Version
tomcat	eq	7.0.1
tomcat	eq	7.0.2
tomcat	eq	7.0.5
tomcat	eq	7.0.0
tomcat	eq	7.0.4
tomcat	eq	7.0.3
tomcat	eq	6.0.6
tomcat	eq	6.0.11
tomcat	eq	6.0.7
tomcat	eq	6.0.4

Rows per page:

1-10 of 651

References

lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html

secunia.com/advisories/43192

secunia.com/advisories/45022

secunia.com/advisories/57126

securityreason.com/securityalert/8093

support.apple.com/kb/HT5002

support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html

tomcat.apache.org/security-5.html

tomcat.apache.org/security-6.html

tomcat.apache.org/security-7.html

www.debian.org/security/2011/dsa-2160

www.mandriva.com/security/advisories?name=MDVSA-2011:030

www.redhat.com/support/errata/RHSA-2011-0791.html

www.redhat.com/support/errata/RHSA-2011-0896.html

www.redhat.com/support/errata/RHSA-2011-0897.html

www.redhat.com/support/errata/RHSA-2011-1845.html

www.securityfocus.com/archive/1/516209/30/90/threaded

www.securityfocus.com/bid/46174

www.securitytracker.com/id?1025026

www.vupen.com/english/advisories/2011/0376

bugzilla.redhat.com/show_bug.cgi?id=675786

lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E

marc.info/?l=bugtraq&m=130168502603566&w=2

marc.info/?l=bugtraq&m=132215163318824&w=2

marc.info/?l=bugtraq&m=136485229118404&w=2

marc.info/?l=bugtraq&m=139344343412337&w=2

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12878

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14945

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19269

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

45.3%

JSON

Related for PRION:CVE-2011-0013