Lucene search
RootSSV:60787HistoryMay 17, 2013 - 12:00 a.m.
Apache Tomcat 信息泄露漏洞(CVE-2013-2071)
2013-05-1700:00:00
Root
www.seebug.org
26
0.002 Low
EPSS
Percentile
59.7%
BUGTRAQ ID: 59798
CVE(CAN) ID: CVE-2013-2071
Apache Tomcat是一个流行的开源JSP应用服务器程序。
Tomcat 7.0.0 - 7.0.39内,AsyncListener的onComplete在执行某些情况下的请求管理时存在运行时异常,org.apache.catalina.connector.Request会因此不再循环。远程攻击者可利用此漏洞获取敏感信息。
0
Apache Group Tomcat 7.0.0 - 7.0.39
厂商补丁:
Apache Group
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
nessus
nessus
Fedora 17 : tomcat-7.0.40-1.fc17 (2013-7999)
2013-05-22 00:00:00
Fedora 19 : tomcat-7.0.40-2.fc19 (2013-7979)
2013-05-26 00:00:00
Fedora 18 : tomcat-7.0.40-1.fc18 (2013-7993)
2013-05-22 00:00:00
openvas
openvas
Fedora Update for tomcat FEDORA-2013-7999
2013-05-23 00:00:00
Amazon Linux: Security Advisory (ALAS-2013-191)
2015-09-08 00:00:00
Fedora Update for tomcat FEDORA-2013-7993
2013-05-23 00:00:00
ubuntucve
ubuntucve
CVE-2013-2071
2013-05-10 00:00:00
prion
prion
Cross site request forgery (csrf)
2013-06-01 14:21:00
osv
osv
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
2022-05-17 02:44:28
tomcat7 - security update
2014-04-08 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: tomcat-7.0.40-1.fc17
2013-05-21 08:28:12
[SECURITY] Fedora 19 Update: tomcat-7.0.40-2.fc19
2013-05-24 20:43:43
[SECURITY] Fedora 18 Update: tomcat-7.0.40-1.fc18
2013-05-21 08:45:56
securityvulns
securityvulns
[security bulletin] HPSBMU02966 rev.1 - HP Operations Orchestration, Unauthorized Access to Information
2014-03-03 00:00:00
CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException
2013-05-10 00:00:00
Apache Tomcat security vulnerabilities
2013-05-10 00:00:00
mageia
mageia
Updated tomcat7 packages fix CVE-2013-2071
2013-07-01 23:08:10
amazon
amazon
Low: tomcat7
2013-05-24 13:55:00
debiancve
debiancve
CVE-2013-2071
2013-06-01 14:21:00
github
github
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
2022-05-17 02:44:28
cve
cve
CVE-2013-2071
2013-06-01 14:21:00
tomcat
tomcat
Fixed in Apache Tomcat 7.0.40
2013-05-09 00:00:00
atlassian
atlassian
Upgrade bundled Tomcat due to security vulnerabilities
2013-05-21 04:29:40
Upgrade bundled Tomcat due to security vulnerabilities
2013-05-21 04:29:40
Upgrade bundled Tomcat to 6.0.37
2013-05-21 00:23:31
ubuntu
ubuntu
Tomcat vulnerabilities
2013-05-28 00:00:00
debian
debian
[SECURITY] [DSA 2897-1] tomcat7 security update
2014-04-08 18:25:14
redhat
redhat
(RHSA-2013:1012) Moderate: Red Hat JBoss Web Server 2.0.1 update
2013-07-03 15:40:17
(RHSA-2013:1011) Moderate: Red Hat JBoss Web Server 2.0.1 update
2013-07-03 00:00:00
gentoo
gentoo
Apache Tomcat: Multiple vulnerabilities
2014-12-15 00:00:00
oracle
oracle
Oracle Critical Patch Update - January 2014
2014-01-14 00:00:00