Apache Tomcat JSP Example Web Applications Cross Site Scripting Vulnerability

Bugtraq ID: 24476
Class: Input Validation Error
CVE: CVE-2007-2449
Remote: Yes
Local: No
Published: Jun 14 2007 12:00AM
Updated: Mar 19 2015 08:19AM
Credit: These issues were discovered by an unknown security researcher and reported to JPCERT.
Vulnerable: SuSE SUSE Linux Enterprise Server SDK 9
SuSE SUSE Linux Enterprise Server 9 SP3
SuSE SUSE Linux Enterprise Server 10 SP2
SuSE SUSE Linux Enterprise Server 10 SP1
SuSE SUSE Linux Enterprise Server 10
SuSE SUSE Linux Enterprise SDK 10 SP1
SuSE SUSE Linux Enterprise SDK 10
SuSE SUSE Linux Enterprise Desktop 10 SP1
SuSE SUSE Linux Enterprise Desktop 10
SuSE openSUSE 10.3
SuSE Linux Professional 10.2 x86_64
SuSE Linux Personal 10.2 x86_64
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. SuSE Linux Open-Xchange 4.1
S.u.S.E. openSUSE 10.2
S.u.S.E. openSUSE 10.1
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 10.2
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 10.2
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux Desktop 10
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
S.u.S.E. Linux 10.0 x86-64
S.u.S.E. Linux 10.0 x86
S.u.S.E. Linux 10.0 ppc
RedHat Network Satellite (for RHEL 4) 5.1
RedHat Network Satellite (for RHEL 4) 4.2
RedHat Enterprise Linux Desktop Workstation 5 client
Red Hat Red Hat Network Satellite Server 5.0
Red Hat Network Satellite (for RHEL 3) 4.2
Red Hat Fedora 7
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux 5 Server
Novell ZENworks Linux Management 7.3
Mandriva Linux Mandrake 2008.0 x86_64
Mandriva Linux Mandrake 2008.0
Mandriva Linux Mandrake 2007.1 x86_64
Mandriva Linux Mandrake 2007.1
HP HP-UX B.11.31
HP HP-UX B.11.23
HP HP-UX B.11.11
Computer Associates Cohesion Application Configuration Manager 4.5
Apple Mac OS X Server 10.4.11
Apple Mac OS X 10.4.11
Apache Software Foundation Tomcat 6.0.13
Apache Software Foundation Tomcat 6.0.12
Apache Software Foundation Tomcat 6.0.11
Apache Software Foundation Tomcat 6.0.10
Apache Software Foundation Tomcat 6.0.1
Apache Software Foundation Tomcat 5.5.24
Apache Software Foundation Tomcat 5.5.23
Apache Software Foundation Tomcat 5.5.22
Apache Software Foundation Tomcat 5.5.21
Apache Software Foundation Tomcat 5.5.20
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.2
Apache Software Foundation Tomcat 5.5.19
Apache Software Foundation Tomcat 5.5.18
Apache Software Foundation Tomcat 5.5.17
Apache Software Foundation Tomcat 5.5.16
Apache Software Foundation Tomcat 5.5.15
Apache Software Foundation Tomcat 5.5.14
Apache Software Foundation Tomcat 5.5.13
Apache Software Foundation Tomcat 5.5.12
Apache Software Foundation Tomcat 5.5.11
Apache Software Foundation Tomcat 5.5.10
Apache Software Foundation Tomcat 5.5.9
Apache Software Foundation Tomcat 5.5.8
Apache Software Foundation Tomcat 5.5.7
Apache Software Foundation Tomcat 5.5.6
Apache Software Foundation Tomcat 5.5.5
Apache Software Foundation Tomcat 5.5.4
Apache Software Foundation Tomcat 5.5.3
Apache Software Foundation Tomcat 5.5.2
Apache Software Foundation Tomcat 5.5.1
Apache Software Foundation Tomcat 5.5
Apache Software Foundation Tomcat 5.0.30
Apache Software Foundation Tomcat 5.0.16
Apache Software Foundation Tomcat 5.0.15
Apache Software Foundation Tomcat 5.0.14
Apache Software Foundation Tomcat 5.0.13
Apache Software Foundation Tomcat 5.0.12
Apache Software Foundation Tomcat 5.0.11
Apache Software Foundation Tomcat 5.0.10
Apache Software Foundation Tomcat 5.0.3
Apache Software Foundation Tomcat 5.0.2
Apache Software Foundation Tomcat 5.0.1
Apache Software Foundation Tomcat 4.1.36
Apache Software Foundation Tomcat 4.1
- BSDI BSD/OS 4.0
- Caldera OpenLinux 2.4
- Conectiva Linux 5.1
- Debian Linux 2.3
- Debian Linux 2.2
- Debian Linux 2.1
- Digital UNIX 4.0
- FreeBSD FreeBSD 5.0
- FreeBSD FreeBSD 4.5
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- NetBSD NetBSD 1.4.2 x86
- NetBSD NetBSD 1.4.1 x86
- RedHat Linux 6.2 i386
- RedHat Linux 6.1 i386
- SGI IRIX 6.5
- SGI IRIX 6.4
- SGI IRIX 3.3
- Sun Solaris 8_sparc
- Sun Solaris 7.0
Apache Software Foundation Tomcat 4.0.6
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.2
Apache Software Foundation Tomcat 4.0.5
Apache Software Foundation Tomcat 4.0.4
Apache Software Foundation Tomcat 4.0.3
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
Apache Software Foundation Tomcat 4.0.2
Apache Software Foundation Tomcat 4.0.1
- BSDI BSD/OS 4.0
- Caldera OpenLinux 2.4
- Conectiva Linux 5.1
- Debian Linux 2.2
- Debian Linux 2.1
- Digital UNIX 4.0
- FreeBSD FreeBSD 5.0
- FreeBSD FreeBSD 4.0
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- NetBSD NetBSD 1.4.2 x86
- NetBSD NetBSD 1.4.1 x86
- RedHat Linux 6.2 i386
- RedHat Linux 6.1 i386
- SGI IRIX 6.5
- SGI IRIX 6.4
- SGI IRIX 3.3
- Sun Solaris 8_sparc
- Sun Solaris 7.0
Apache Software Foundation Tomcat 4.0
Apache Software Foundation Tomcat 5.0
Not Vulnerable: Computer Associates Cohesion Application Configuration Manager 4.5 SP1
Apache Software Foundation Tomcat 4.1.37


 

Copyright 2010, SecurityFocus