Apache Tomcat Cross-site Scripting Vulnerability

Publish Date: 21 juillet 2015

Gravité: : Medium

Identifiant(s) CVE: : CVE-2006-7196

Date du conseil: 21 juillet 2015

Description

Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors. NOTE: this may be related to CVE-2006-0254.1.

Information Exposure Rating:

Apply associated Trend Micro DPI Rules.

Solutions

Trend Micro Deep Security DPI Rule Number: 1000552
Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention

Affected software and version:

Apache Software Foundation Tomcat 4.0.0
Apache Software Foundation Tomcat 4.0.1
Apache Software Foundation Tomcat 4.0.2
Apache Software Foundation Tomcat 4.0.3
Apache Software Foundation Tomcat 4.0.4
Apache Software Foundation Tomcat 4.0.5
Apache Software Foundation Tomcat 4.0.6
Apache Software Foundation Tomcat 4.1.31
Apache Software Foundation Tomcat 5.0.0
Apache Software Foundation Tomcat 5.0.1
Apache Software Foundation Tomcat 5.0.10
Apache Software Foundation Tomcat 5.0.11
Apache Software Foundation Tomcat 5.0.12
Apache Software Foundation Tomcat 5.0.13
Apache Software Foundation Tomcat 5.0.14
Apache Software Foundation Tomcat 5.0.15
Apache Software Foundation Tomcat 5.0.16
Apache Software Foundation Tomcat 5.0.17
Apache Software Foundation Tomcat 5.0.18
Apache Software Foundation Tomcat 5.0.19
Apache Software Foundation Tomcat 5.0.2
Apache Software Foundation Tomcat 5.0.21
Apache Software Foundation Tomcat 5.0.22
Apache Software Foundation Tomcat 5.0.23
Apache Software Foundation Tomcat 5.0.24
Apache Software Foundation Tomcat 5.0.25
Apache Software Foundation Tomcat 5.0.26
Apache Software Foundation Tomcat 5.0.27
Apache Software Foundation Tomcat 5.0.28
Apache Software Foundation Tomcat 5.0.29
Apache Software Foundation Tomcat 5.0.3
Apache Software Foundation Tomcat 5.0.30
Apache Software Foundation Tomcat 5.0.4
Apache Software Foundation Tomcat 5.0.5
Apache Software Foundation Tomcat 5.0.6
Apache Software Foundation Tomcat 5.0.7
Apache Software Foundation Tomcat 5.0.8
Apache Software Foundation Tomcat 5.0.9
Apache Software Foundation Tomcat 5.5.0
Apache Software Foundation Tomcat 5.5.1
Apache Software Foundation Tomcat 5.5.10
Apache Software Foundation Tomcat 5.5.11
Apache Software Foundation Tomcat 5.5.12
Apache Software Foundation Tomcat 5.5.13
Apache Software Foundation Tomcat 5.5.14
Apache Software Foundation Tomcat 5.5.15
Apache Software Foundation Tomcat 5.5.2
Apache Software Foundation Tomcat 5.5.3
Apache Software Foundation Tomcat 5.5.4
Apache Software Foundation Tomcat 5.5.5
Apache Software Foundation Tomcat 5.5.6
Apache Software Foundation Tomcat 5.5.7
Apache Software Foundation Tomcat 5.5.8
Apache Software Foundation Tomcat 5.5.9

Apache Tomcat Cross-site Scripting Vulnerability

Description

Information Exposure Rating:

Solutions

Affected software and version:

Ressources

Support

À propos de Trend

Siège social national

Apache Tomcat Cross-site Scripting Vulnerability

Description

Information Exposure Rating:

Solutions

Affected software and version:

Ressources

Support

À propos de Trend

Siège social national

Amérique

Moyen-Orient et Afrique

Europe

Asie-Pacifique