Lucene search
K

6 matches found

Cvelist
Cvelist
added 2012/11/17 7:0 p.m.34 views

CVE-2012-5886

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to...

9.2AI score0.08768EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2012/02/07 12:0 a.m.33 views

SuSE 11.1 Security Update : tomcat6 (SAT Patch Number 5759)

This update fixes a regression in parameter passing in urldecoding of parameters that contain spaces. In addition, multiple weaknesses in HTTP DIGESTS have been fixed CVE-2011-1184 : - The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33 and...

5CVSS5.8AI score0.0854EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2011/02/11 12:0 a.m.45 views

Apache Tomcat 5.5.x < 5.5.32 HTML Manager Interface XSS

According to its self-reported version number, the instance of Apache Tomcat 5.5.x listening on the remote host is prior to 5.5.32. It is, therefore, affected by a cross-site scripting vulnerability in its HTML Manager interface. An input validation error exists in the HTML Manager interface of...

4.3CVSS5.4AI score0.10228EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2010/04/23 12:0 a.m.9 views

PT-2010-2872 · Apache +1 · Apache Tomcat +1

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 5.5.0 through 5.5.29 Apache Tomcat versions 6.0.0 through 6.0.26 Description: The issue allows remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires either...

7.5CVSS5.3AI score0.9444EPSS
Exploits38References86
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/06/09 12:0 a.m.51 views

JVN#63832775: Apache Tomcat information disclosure vulnerability

Apache Tomcat from the Apache Software Foundation is an implementation of the Java Servlet and JavaServer Page JSP technologies. Apache Tomcat contains a vulnerability which may allow information disclosure or access to the contents contained in the WEB-INF directory. Impact A remote attacker cou...

5CVSS5AI score0.18685EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/08/15 12:0 a.m.41 views

JVN#59851336 Apache Tomcat Host Manager cross-site scripting vulnerability

Apache Tomcat from the Apache Software Foundation is an implementation of the Java Servlet and JavaServer Page JSP technologies. The Host Manager Servlet does not properly filter user supplied data. This enables a cross-site scripting attack. Impact An arbitrary script could be executed on the...

4.3CVSS7.1AI score0.58956EPSS
Exploits2
Rows per page
Query Builder