Apache Tomcat XSS In SendMailServlet
Publish Date: 21 Juli 2015
Schweregrad:: Mittel
CVE Kennungen:: CVE-2007-3383
Hinweisdatum: 21 Juli 2015
Beschreibung
Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, related to generation of error messages.
Trend Micro Lösungen
Apply associated Trend Micro DPI Rules.
Lösungen
Trend Micro Deep Security DPI Rule Number: 1000552
Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention
Betroffene Software und Version:
- Apache Tomcat 4.0.0
- Apache Tomcat 4.0.1
- Apache Tomcat 4.0.2
- Apache Tomcat 4.0.3
- Apache Tomcat 4.0.4
- Apache Tomcat 4.0.5
- Apache Tomcat 4.0.6
- Apache Tomcat 4.1.0
- Apache Tomcat 4.1.1
- Apache Tomcat 4.1.10
- Apache Tomcat 4.1.15
- Apache Tomcat 4.1.2
- Apache Tomcat 4.1.24
- Apache Tomcat 4.1.28
- Apache Tomcat 4.1.3
- Apache Tomcat 4.1.31
- Apache Tomcat 4.1.36