13 matches found
Apache Tomcat <= 6.0.13 Host Manager Servlet Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25314/info Apache Tomcat Host Manager Servlet is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to inject...
RHEL 4 : Satellite Server (RHSA-2008:0630)
Red Hat Network Satellite Server version 5.1.1 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having low security impact by the Red Hat Security Response Team. During an internal security...
Fedora Update for tomcat5 FEDORA-2007-3474
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for tomcat5 FEDORA-2007-3456
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for tomcat5 FEDORA-2008-1467
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
FreeBSD Ports: apache-tomcat
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Moderate: Red Hat Security Advisory: Red Hat Network Satellite Server security update
Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. During an internal...
Security fix for the ALT Linux 5 package tomcat5 version 0:5.5.25-alt1_1.1jpp5.0
Nov. 30, 2007 Igor Vlasenko 0:5.5.25-alt11.1jpp5.0 - Updated to 5.5.25, to fix the following issues: CVE-2007-1355 CVE-2007-3386 CVE-2007-3385 CVE-2007-3382 CVE-2007-2450 CVE-2007-2449 - Applied patch20 for CVE-2007-5461 - Applied patch21 for CVE-2007-1358 - Add jasper-eclipse subpackage which is...
Fedora 8 : tomcat5-5.5.25-1jpp.1.fc8 (2007-3474)
Updated Tomcat5 packages that fix several security bugs are now available for Fedora Core 8. This update includes fixes to the following : - CVE-2007-1355 - CVE-2007-3386 - CVE-2007-3385 - CVE-2007-3382 - CVE-2007-2450 - CVE-2007-2449 - CVE-2007-5461 - CVE-2007-1358 All users of tomcat are advise...
Mac OS X Multiple Vulnerabilities (Security Update 2007-007)
The remote host is running a version of Mac OS X 10.4 or 10.3 which does not have the security update 2007-007 applied. This update contains several security fixes for the following programs : - bzip2 - CFNetwork - CoreAudio - cscope - gnuzip - iChat - Kerberos - mDNSResponder - PDFKit - PHP -...
CVE-2007-1358
Cross-site scripting XSS vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616"...
CVE-2007-1358
CVE-2007-1358 is an XSS vulnerability affecting Apache Tomcat 4.x. It allows remote attackers to inject arbitrary script or HTML via crafted Accept-Language headers that do not conform to RFC 2616. Affected product ranges include Tomcat 4.0.0–4.0.6 and 4.1.0–4.1.34. The issue is triggered by impr...
Fixed in Apache Tomcat 5.5.21, 5.0.SVN
Low: Cross-site scripting CVE-2007-1358 Web pages that display the Accept-Language header value sent by the client are susceptible to a cross-site scripting attack if they assume the Accept-Language header value conforms to RFC 2616. Under normal circumstances this would not be possible to exploi...