Apache Tomcat Cookie Handling Single Quotes Vulnerability

  Severity: MEDIUM
  CVE Identifier: CVE-2007-3382
  Advisory Date: OCT 15, 2015

  DESCRIPTION

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.

  TREND MICRO PROTECTION INFORMATION

  • 1001108 - Apache Tomcat Cookie Handling Single Quotes Vulnerability

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1001108
  Trend Micro Deep Security DPI Rule Name: 1001108 - Apache Tomcat Cookie Handling Single Quotes Vulnerability

  AFFECTED SOFTWARE AND VERSION

  • Apache Software Foundation Tomcat 3.3
  • Apache Software Foundation Tomcat 3.3.1
  • Apache Software Foundation Tomcat 3.3.1a
  • Apache Software Foundation Tomcat 3.3.2
  • Apache Software Foundation Tomcat 4.1.0
  • Apache Software Foundation Tomcat 4.1.1
  • Apache Software Foundation Tomcat 4.1.10
  • Apache Software Foundation Tomcat 4.1.15
  • Apache Software Foundation Tomcat 4.1.2
  • Apache Software Foundation Tomcat 4.1.24
  • Apache Software Foundation Tomcat 4.1.28
  • Apache Software Foundation Tomcat 4.1.3
  • Apache Software Foundation Tomcat 4.1.3 beta
  • Apache Software Foundation Tomcat 4.1.31
  • Apache Software Foundation Tomcat 4.1.36
  • Apache Software Foundation Tomcat 4.1.9 beta
  • Apache Software Foundation Tomcat 5.0.0
  • Apache Software Foundation Tomcat 5.0.1
  • Apache Software Foundation Tomcat 5.0.10
  • Apache Software Foundation Tomcat 5.0.11
  • Apache Software Foundation Tomcat 5.0.12
  • Apache Software Foundation Tomcat 5.0.13
  • Apache Software Foundation Tomcat 5.0.14
  • Apache Software Foundation Tomcat 5.0.15
  • Apache Software Foundation Tomcat 5.0.16
  • Apache Software Foundation Tomcat 5.0.17
  • Apache Software Foundation Tomcat 5.0.18
  • Apache Software Foundation Tomcat 5.0.19
  • Apache Software Foundation Tomcat 5.0.2
  • Apache Software Foundation Tomcat 5.0.21
  • Apache Software Foundation Tomcat 5.0.22
  • Apache Software Foundation Tomcat 5.0.23
  • Apache Software Foundation Tomcat 5.0.24
  • Apache Software Foundation Tomcat 5.0.25
  • Apache Software Foundation Tomcat 5.0.26
  • Apache Software Foundation Tomcat 5.0.27
  • Apache Software Foundation Tomcat 5.0.28
  • Apache Software Foundation Tomcat 5.0.29
  • Apache Software Foundation Tomcat 5.0.3
  • Apache Software Foundation Tomcat 5.0.30
  • Apache Software Foundation Tomcat 5.0.4
  • Apache Software Foundation Tomcat 5.0.5
  • Apache Software Foundation Tomcat 5.0.6
  • Apache Software Foundation Tomcat 5.0.7
  • Apache Software Foundation Tomcat 5.0.8
  • Apache Software Foundation Tomcat 5.0.9
  • Apache Software Foundation Tomcat 5.5.0
  • Apache Software Foundation Tomcat 5.5.1
  • Apache Software Foundation Tomcat 5.5.10
  • Apache Software Foundation Tomcat 5.5.11
  • Apache Software Foundation Tomcat 5.5.12
  • Apache Software Foundation Tomcat 5.5.13
  • Apache Software Foundation Tomcat 5.5.14
  • Apache Software Foundation Tomcat 5.5.15
  • Apache Software Foundation Tomcat 5.5.16
  • Apache Software Foundation Tomcat 5.5.17
  • Apache Software Foundation Tomcat 5.5.18
  • Apache Software Foundation Tomcat 5.5.19
  • Apache Software Foundation Tomcat 5.5.2
  • Apache Software Foundation Tomcat 5.5.20
  • Apache Software Foundation Tomcat 5.5.21
  • Apache Software Foundation Tomcat 5.5.22
  • Apache Software Foundation Tomcat 5.5.23
  • Apache Software Foundation Tomcat 5.5.24
  • Apache Software Foundation Tomcat 5.5.3
  • Apache Software Foundation Tomcat 5.5.4
  • Apache Software Foundation Tomcat 5.5.5
  • Apache Software Foundation Tomcat 5.5.6
  • Apache Software Foundation Tomcat 5.5.7
  • Apache Software Foundation Tomcat 5.5.8
  • Apache Software Foundation Tomcat 5.5.9
  • Apache Software Foundation Tomcat 6.0.0
  • Apache Software Foundation Tomcat 6.0.1
  • Apache Software Foundation Tomcat 6.0.10
  • Apache Software Foundation Tomcat 6.0.11
  • Apache Software Foundation Tomcat 6.0.12
  • Apache Software Foundation Tomcat 6.0.13
  • Apache Software Foundation Tomcat 6.0.2
  • Apache Software Foundation Tomcat 6.0.3
  • Apache Software Foundation Tomcat 6.0.4
  • Apache Software Foundation Tomcat 6.0.5
  • Apache Software Foundation Tomcat 6.0.6
  • Apache Software Foundation Tomcat 6.0.7
  • Apache Software Foundation Tomcat 6.0.8
  • Apache Software Foundation Tomcat 6.0.9
