HP Security Bulletin HPSBST02955 2 - Potential security vulnerabilities have been identified in 3rd party software used in HP XP P9000 Performance Advisor running Oracle and Apache Tomcat Software. HP has updated the Apache Tomcat and Oracle database software to address vulnerabilities affecting confidentiality, availability, and integrity. Revision 2 of this advisory.
6410ff7bef195c9761122d2dbcef0fcb62f17fc9f0e7743be62f8af8196a6887HP Security Bulletin HPSBST02955 - Potential security vulnerabilities have been identified in 3rd party software used in HP XP P9000 Performance Advisor running Oracle and Apache Tomcat Software. HP has updated the Apache Tomcat and Oracle database software to address vulnerabilities affecting confidentiality, availability, and integrity. Revision 1 of this advisory.
7a0da1c21ab0ea1ff0e437cda710d643179e7469a520d96d54e7b1e4ad034845Gentoo Linux Security Advisory 201206-24 - Multiple vulnerabilities were found in Apache Tomcat, the worst of which allowing to read, modify and overwrite arbitrary files. Versions 5.5.34 are affected.
2554deef0443d375e952662e346879fa72a6339fcb77237d7e198b3b4d27ff87Apple Security Advisory 2011-10-12-3 - OS X Lion has a security update available that addresses findings in Apache, a format string vulnerability in the Application Firewall, an arbitrary code execution vulnerability when viewing a malicious font via ATS, and 60+ other issues.
4d539896720bca2e48b218929a6c10484c83d72ac4b634adbd7f33f680f59edeRed Hat Security Advisory 2011-0897-01 - JBoss Enterprise Web Server has been updated to mitigate multiple vulnerabilities such as cross site scripting, information leaks, and more.
7aecf3731e5d7ec16a49db4e8573debf3eeae784616883cd4920d2dccde550deRed Hat Security Advisory 2011-0896-01 - JBoss Enterprise Web Server has been updated to mitigate multiple vulnerabilities such as cross site scripting, information leaks, and more.
afb754e948ecb997661a2640f0ff3042c01bce970a3e081cc14ecea1dd6901bcUbuntu Security Notice 1048-1 - It was discovered that Tomcat did not properly escape certain parameters in the Manager application which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain.
89889f3f1ef8e9e23135999eb91d208da047c895f2d4effcebf3741b486acb04The session list screen (provided by sessionList.jsp) in affected versions of Apache Tomcat Manager uses the orderBy and sort request parameters without applying filtering and therefore is vulnerable to a cross-site scripting attack. Versions 7.0.0 through 7.0.4 and 6.0.12 through 6.0.29 are affected.
486777c2531b3377eea0df5a8570190ea9f8e536d75e7989f9c974dc66148c85
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed