Showing 1 - 4 of 4

CVE-2007-2449

Status Candidate

Overview

Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence.

Related Files

CA20090123-01.txt: Posted Jan 27, 2009; Authored by Ken Williams | Site www3.ca.com; Multiple security risks exist in Apache Tomcat as included with CA Cohesion and products that contain CA Cohesion. These include, but are not limited to, arbitrary command execution. Affected products include CA Cohesion Application Configuration Manager 4.5, CA CMDB Application Server 11.1, and Unicenter Service Desk 11.2.; tags | advisory, arbitrary; advisories | CVE-2005-2090, CVE-2005-3510, CVE-2006-3835, CVE-2006-7195, CVE-2006-7196, CVE-2007-0450, CVE-2007-1355, CVE-2007-1358, CVE-2007-1858, CVE-2007-2449, CVE-2007-2450, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386, CVE-2008-0128; SHA-256 | c8609f8dceb80de59813e4e08c5e56ee0e21604a9ddf888c621eda88cd823b65; Download | Favorite | View

Mandriva Linux Security Advisory 2007.241: Posted Dec 11, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered in Tomcat 5. These issues include directory traversal, cross site scripting, and information disclosure flaws.; tags | advisory, vulnerability, xss, info disclosure; systems | linux, mandriva; advisories | CVE-2007-0450, CVE-2007-2449, CVE-2007-2450, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386, CVE-2007-5461; SHA-256 | fc928971bbba5d3ec38a4c957bde2d5e37d0286c0cd61065975c4ce864e7e40a; Download | Favorite | View

HP Security Bulletin 2007-14.47: Posted Oct 10, 2007; Authored by Hewlett Packard | Site hp.com; HP Security Bulletin - Potential security vulnerabilities have been identified with Apache running on HP-UX. The vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) to execute arbitrary code.; tags | advisory, arbitrary, vulnerability, xss; systems | hpux; advisories | CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386; SHA-256 | 85ce851efccb71b60d9f0e47f9402e4ce2d6740afac5c78fc233d8379f869bc3; Download | Favorite | View

CVE-2007-2449.txt: Posted Jun 15, 2007; Site tomcat.apache.org; Apache Tomcat versions 4.0.0 to 4.0.6, 4.1.0 to 4.1.36, 5.0.0 to 5.0.30, 5.5.0 to 5.5.24, and 6.0.0 to 6.0.13 suffer from a cross site scripting flaw in their JSP examples.; tags | exploit, xss; advisories | CVE-2007-2449; SHA-256 | a6c3ae6ce4360fc4d056e2d6c0d8f910d71d7afb1587a7db9a0a2d4f30cc120a; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 248 files
Ubuntu 91 files
indoushka 58 files
Jasper Nota 25 files
Willem Westerhof 19 files
Gentoo 13 files
Debian 13 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,087)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,536)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,612)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,441)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,727)
UNIX (9,433)
UnixWare (187)
Windows (6,668)
Other

CVE-2007-2449

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems