Apache Tomcat Cross-site Scripting Vulnerability

Publish Date: 21 de lipca de 2015

Severity: : Medium

CVE Kennungen: : CVE-2006-7196

Advisory Date: 21 de lipca de 2015

DESCRIPTION

Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors. NOTE: this may be related to CVE-2006-0254.1.

INFORMATION EXPOSURE

Apply associated Trend Micro DPI Rules.

SOLUTION

Trend Micro Deep Security DPI Rule Number: 1000552
Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention

AFFECTED SOFTWARE AND VERSION:

Apache Software Foundation Tomcat 4.0.0
Apache Software Foundation Tomcat 4.0.1
Apache Software Foundation Tomcat 4.0.2
Apache Software Foundation Tomcat 4.0.3
Apache Software Foundation Tomcat 4.0.4
Apache Software Foundation Tomcat 4.0.5
Apache Software Foundation Tomcat 4.0.6
Apache Software Foundation Tomcat 4.1.31
Apache Software Foundation Tomcat 5.0.0
Apache Software Foundation Tomcat 5.0.1
Apache Software Foundation Tomcat 5.0.10
Apache Software Foundation Tomcat 5.0.11
Apache Software Foundation Tomcat 5.0.12
Apache Software Foundation Tomcat 5.0.13
Apache Software Foundation Tomcat 5.0.14
Apache Software Foundation Tomcat 5.0.15
Apache Software Foundation Tomcat 5.0.16
Apache Software Foundation Tomcat 5.0.17
Apache Software Foundation Tomcat 5.0.18
Apache Software Foundation Tomcat 5.0.19
Apache Software Foundation Tomcat 5.0.2
Apache Software Foundation Tomcat 5.0.21
Apache Software Foundation Tomcat 5.0.22
Apache Software Foundation Tomcat 5.0.23
Apache Software Foundation Tomcat 5.0.24
Apache Software Foundation Tomcat 5.0.25
Apache Software Foundation Tomcat 5.0.26
Apache Software Foundation Tomcat 5.0.27
Apache Software Foundation Tomcat 5.0.28
Apache Software Foundation Tomcat 5.0.29
Apache Software Foundation Tomcat 5.0.3
Apache Software Foundation Tomcat 5.0.30
Apache Software Foundation Tomcat 5.0.4
Apache Software Foundation Tomcat 5.0.5
Apache Software Foundation Tomcat 5.0.6
Apache Software Foundation Tomcat 5.0.7
Apache Software Foundation Tomcat 5.0.8
Apache Software Foundation Tomcat 5.0.9
Apache Software Foundation Tomcat 5.5.0
Apache Software Foundation Tomcat 5.5.1
Apache Software Foundation Tomcat 5.5.10
Apache Software Foundation Tomcat 5.5.11
Apache Software Foundation Tomcat 5.5.12
Apache Software Foundation Tomcat 5.5.13
Apache Software Foundation Tomcat 5.5.14
Apache Software Foundation Tomcat 5.5.15
Apache Software Foundation Tomcat 5.5.2
Apache Software Foundation Tomcat 5.5.3
Apache Software Foundation Tomcat 5.5.4
Apache Software Foundation Tomcat 5.5.5
Apache Software Foundation Tomcat 5.5.6
Apache Software Foundation Tomcat 5.5.7
Apache Software Foundation Tomcat 5.5.8
Apache Software Foundation Tomcat 5.5.9

Apache Tomcat Cross-site Scripting Vulnerability

DESCRIPTION

INFORMATION EXPOSURE

SOLUTION

AFFECTED SOFTWARE AND VERSION:

Zasoby

Wsparcie

O firmie Trend

Siedziba firmy