Showing 1 - 4 of 4

CVE-2007-2449

Status Candidate

Overview

Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence.

Related Files

CA20090123-01.txt: Posted Jan 27, 2009; Authored by Ken Williams | Site www3.ca.com; Multiple security risks exist in Apache Tomcat as included with CA Cohesion and products that contain CA Cohesion. These include, but are not limited to, arbitrary command execution. Affected products include CA Cohesion Application Configuration Manager 4.5, CA CMDB Application Server 11.1, and Unicenter Service Desk 11.2.; tags | advisory, arbitrary; advisories | CVE-2005-2090, CVE-2005-3510, CVE-2006-3835, CVE-2006-7195, CVE-2006-7196, CVE-2007-0450, CVE-2007-1355, CVE-2007-1358, CVE-2007-1858, CVE-2007-2449, CVE-2007-2450, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386, CVE-2008-0128; SHA-256 | c8609f8dceb80de59813e4e08c5e56ee0e21604a9ddf888c621eda88cd823b65; Download | Favorite | View

Mandriva Linux Security Advisory 2007.241: Posted Dec 11, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered in Tomcat 5. These issues include directory traversal, cross site scripting, and information disclosure flaws.; tags | advisory, vulnerability, xss, info disclosure; systems | linux, mandriva; advisories | CVE-2007-0450, CVE-2007-2449, CVE-2007-2450, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386, CVE-2007-5461; SHA-256 | fc928971bbba5d3ec38a4c957bde2d5e37d0286c0cd61065975c4ce864e7e40a; Download | Favorite | View

HP Security Bulletin 2007-14.47: Posted Oct 10, 2007; Authored by Hewlett Packard | Site hp.com; HP Security Bulletin - Potential security vulnerabilities have been identified with Apache running on HP-UX. The vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) to execute arbitrary code.; tags | advisory, arbitrary, vulnerability, xss; systems | hpux; advisories | CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386; SHA-256 | 85ce851efccb71b60d9f0e47f9402e4ce2d6740afac5c78fc233d8379f869bc3; Download | Favorite | View

CVE-2007-2449.txt: Posted Jun 15, 2007; Site tomcat.apache.org; Apache Tomcat versions 4.0.0 to 4.0.6, 4.1.0 to 4.1.36, 5.0.0 to 5.0.30, 5.5.0 to 5.5.24, and 6.0.0 to 6.0.13 suffer from a cross site scripting flaw in their JSP examples.; tags | exploit, xss; advisories | CVE-2007-2449; SHA-256 | a6c3ae6ce4360fc4d056e2d6c0d8f910d71d7afb1587a7db9a0a2d4f30cc120a; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 308 files
Ubuntu 67 files
Debian 24 files
Gentoo 8 files
Google Security Research 7 files
LiquidWorm 6 files
Apple 5 files
Jann Horn 3 files
Spencer McIntyre 3 files
Milad Karimi 3 files

File Archives

Systems

AIX (430)
Apple (2,133)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,177)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,160)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,495)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,025)
UNIX (9,482)
UnixWare (188)
Windows (6,786)
Other

CVE-2007-2449

Overview

Related Files

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems