9 matches found
SUSE CVE-2006-7195
Cross-site scripting XSS vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values...
Oracle Linux 5 : Important: / tomcat (ELSA-2007-0327)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0327 advisory. jakarta-commons-modeler-1.1-8jpp.1.0.2.el5 1.1-8jpp.1.0.2.el5 - rebuild after the fix for bug 238139 made it into the build root - Resolves: bug 238694...
Scientific Linux Security Update : tomcat on SL5.x i386/x86_64
Some JSPs within the 'examples' web application did not escape user provided data. If the JSP examples were accessible, this flaw could allow a remote attacker to perform cross-site scripting attacks CVE-2007-2449. Note: it is recommended the 'examples' web application not be installed on a...
VMSA-2008-0002 : Low severity security update for VirtualCenter and ESX
Updated VirtualCenter fixes the following application vulnerabilities a. Tomcat Server Security Update This release of VirtualCenter Server updates the Tomcat Server package from 5.5.17 to 5.5.25, which addresses multiple security issues that existed in the earlier releases of Tomcat Server. The...
Moderate: Red Hat Security Advisory: Red Hat Network Satellite Server security update
Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. During an internal...
SuSE 10 Security Update : Geronimo (ZYPP Patch Number 4864)
The file 'implict-objects.jsp' displayed some header values unfiltered. Attackers could exploit that for cross-site scripting XSS attacks. CVE-2006-7195 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...
RHEL 5 : tomcat (RHSA-2007:0327)
Updated tomcat packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Java Servlet and JavaServer Pages technologies. Tomca...
Important: Red Hat Security Advisory: tomcat security update
Updated tomcat packages that fix multiple security issues and a bug are now available for Red Hat Developer Suite 3. This update has been rated as having important security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Java Servlet and JavaServer Pages...
Fixed in Apache Tomcat 5.5.18, 5.0.SVN
Moderate: Cross-site scripting CVE-2006-7195 The implicit-objects.jsp in the examples webapp displayed a number of unfiltered header values. This enabled a XSS attack. These values are now filtered. Affects: 5.0.0-5.0.30, 5.5.0-5.5.17...