Apache Tomcat SendMailServlet Cross-Site Scripting Vulnerability

Bugtraq ID: 24999
Class: Input Validation Error
CVE: CVE-2007-3383
Remote: Yes
Local: No
Published: Jul 21 2007 12:00AM
Updated: Jul 01 2008 12:40AM
Credit: Tomasz Kuczynski is credited with the discovery of this vulnerability.

Vulnerable:
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.4.10
Apple Mac OS X Server 10.4.9
Apple Mac OS X Server 10.4.8
Apple Mac OS X Server 10.4.7
Apple Mac OS X Server 10.4.6
Apple Mac OS X Server 10.4.5
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4
Apple Mac OS X 10.4.11
Apple Mac OS X 10.4.10
Apple Mac OS X 10.4.9
Apple Mac OS X 10.4.8
Apple Mac OS X 10.4.7
Apple Mac OS X 10.4.6
Apple Mac OS X 10.4.5
Apple Mac OS X 10.4.4
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4
Apache Software Foundation Tomcat 4.1.36
Apache Software Foundation Tomcat 4.1.34
  + Gentoo Linux 1.4 _rc3
  + Gentoo Linux 1.4 _rc2
  + Gentoo Linux 1.4 _rc1
  + Gentoo Linux 1.2
Apache Software Foundation Tomcat 4.1.24
  + Gentoo Linux 1.4 _rc3
  + Gentoo Linux 1.4 _rc2
  + Gentoo Linux 1.4 _rc1
  + Gentoo Linux 1.2
Apache Software Foundation Tomcat 4.1.12
Apache Software Foundation Tomcat 4.1.10
Apache Software Foundation Tomcat 4.1.9 beta
Apache Software Foundation Tomcat 4.1.3 beta
Apache Software Foundation Tomcat 4.1
  - BSDI BSD/OS 4.0
  - Caldera OpenLinux 2.4
  - Conectiva Linux 5.1
  - Debian Linux 2.3
  - Debian Linux 2.2
  - Debian Linux 2.1
  - Digital UNIX 4.0
  - FreeBSD FreeBSD 5.0
  - FreeBSD FreeBSD 4.5
  - MandrakeSoft Linux Mandrake 7.1
  - MandrakeSoft Linux Mandrake 7.0
  - NetBSD NetBSD 1.4.2 x86
  - NetBSD NetBSD 1.4.1 x86
  - RedHat Linux 6.2 i386
  - RedHat Linux 6.1 i386
  - SGI IRIX 6.5
  - SGI IRIX 6.4
  - SGI IRIX 3.3
  - Sun Solaris 8
  - Sun Solaris 7.0
Apache Software Foundation Tomcat 4.0.6
  + Gentoo Linux 1.4 _rc3
  + Gentoo Linux 1.4 _rc2
  + Gentoo Linux 1.4 _rc1
  + Gentoo Linux 1.2
Apache Software Foundation Tomcat 4.0.5
  + RedHat Stronghold 4.0
Apache Software Foundation Tomcat 4.0.4
Apache Software Foundation Tomcat 4.0.3
  + Debian Linux 3.0 sparc
  + Debian Linux 3.0 s/390
  + Debian Linux 3.0 ppc
  + Debian Linux 3.0 mipsel
  + Debian Linux 3.0 mips
  + Debian Linux 3.0 m68k
  + Debian Linux 3.0 ia-64
  + Debian Linux 3.0 ia-32
  + Debian Linux 3.0 hppa
  + Debian Linux 3.0 arm
  + Debian Linux 3.0 alpha
Apache Software Foundation Tomcat 4.0.2
Apache Software Foundation Tomcat 4.0.1
  - BSDI BSD/OS 4.0
  - Caldera OpenLinux 2.4
  - Conectiva Linux 5.1
  - Debian Linux 2.2
  - Debian Linux 2.1
  - Digital UNIX 4.0
  - FreeBSD FreeBSD 5.0
  - FreeBSD FreeBSD 4.0
  - MandrakeSoft Linux Mandrake 7.1
  - MandrakeSoft Linux Mandrake 7.0
  - NetBSD NetBSD 1.4.2 x86
  - NetBSD NetBSD 1.4.1 x86
  - RedHat Linux 6.2 i386
  - RedHat Linux 6.1 i386
  - SGI IRIX 6.5
  - SGI IRIX 6.4
  - SGI IRIX 3.3
  - Sun Solaris 8
  - Sun Solaris 7.0
Apache Software Foundation Tomcat 4.0
  - BSDI BSD/OS 4.0
  - Caldera OpenLinux 2.4
  - Conectiva Linux 5.1
  - Debian Linux 2.2
  - Debian Linux 2.1
  - Digital UNIX 4.0
  - FreeBSD FreeBSD 5.0
  - FreeBSD FreeBSD 4.0
  - MandrakeSoft Linux Mandrake 7.1
  - MandrakeSoft Linux Mandrake 7.0
  - NetBSD NetBSD 1.4.2 x86
  - NetBSD NetBSD 1.4.1 x86
  - RedHat Linux 6.2 i386
  - RedHat Linux 6.1 i386
  - SGI IRIX 6.5
  - SGI IRIX 6.4
  - Sun Solaris 8
  - Sun Solaris 7.0

Not Vulnerable: