|
|
Apache Tomcat Cal2.JSP Cross-Site Scripting Vulnerability
|
Bugtraq ID:
|
25531
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2006-7196
CVE-2007-4724
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Sep 04 2007 12:00AM
|
|
Updated:
|
May 21 2008 01:44AM
|
|
Credit:
|
Tushar Vartak is credited with the discovery of this vulnerability.
|
|
Vulnerable:
|
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. SuSE Linux Open-Xchange 4.1
S.u.S.E. SUSE Linux Enterprise Server 9 SP3
S.u.S.E. SUSE Linux Enterprise Server 10 SP1
S.u.S.E. SUSE Linux Enterprise Server 10
S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1
S.u.S.E. SUSE Linux Enterprise Desktop 10
S.u.S.E. SUSE Linux Enterprise 10 SP1 DEBUGINFO
S.u.S.E. SUSE Linux Enterprise 10 SP1 DEBUGINFO
S.u.S.E. SLE SDK 10.SP1
S.u.S.E. SLE SDK 10
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
S.u.S.E. openSUSE 10.1
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Open-Enterprise-Server 1
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Office Server
S.u.S.E. Novell Linux POS 9
S.u.S.E. Novell Linux Desktop SDK 9.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Novell Linux Desktop 1.0
S.u.S.E. Novell Linux Desktop 9
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 10.2 x86_64
S.u.S.E. Linux Professional 10.2
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 10.2 x86_64
S.u.S.E. Linux Personal 10.2
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Enterprise Server 8
S.u.S.E. Linux Enterprise Server 10.SP1
S.u.S.E. Linux Enterprise Server 10
S.u.S.E. Linux Enterprise SDK 10 SP1
S.u.S.E. Linux Enterprise SDK 10
S.u.S.E. Linux Desktop 1.0
S.u.S.E. Linux Desktop 10
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
S.u.S.E. Linux 10.0 x86-64
S.u.S.E. Linux 10.0 x86
S.u.S.E. Linux 10.0 ppc
RedHat Red Hat Network Satellite Server 5.0
Apache Software Foundation Tomcat 5.5.15
Apache Software Foundation Tomcat 5.5.14
Apache Software Foundation Tomcat 5.5.13
Apache Software Foundation Tomcat 5.5.12
Apache Software Foundation Tomcat 5.5.12
Apache Software Foundation Tomcat 5.5.11
Apache Software Foundation Tomcat 5.5.11
Apache Software Foundation Tomcat 5.5.10
Apache Software Foundation Tomcat 5.5.10
Apache Software Foundation Tomcat 5.5.9
Apache Software Foundation Tomcat 5.5.8
Apache Software Foundation Tomcat 5.5.7
Apache Software Foundation Tomcat 5.5.6
Apache Software Foundation Tomcat 5.5.5
Apache Software Foundation Tomcat 5.5.4
Apache Software Foundation Tomcat 5.5.3
Apache Software Foundation Tomcat 5.5.2
Apache Software Foundation Tomcat 5.5.1
Apache Software Foundation Tomcat 5.5.1
Apache Software Foundation Tomcat 5.5
Apache Software Foundation Tomcat 5.5
Apache Software Foundation Tomcat 5.0.30
Apache Software Foundation Tomcat 5.0.28
Apache Software Foundation Tomcat 5.0.19
Apache Software Foundation Tomcat 5.0.16
Apache Software Foundation Tomcat 5.0.15
Apache Software Foundation Tomcat 5.0.14
Apache Software Foundation Tomcat 5.0.13
Apache Software Foundation Tomcat 5.0.12
Apache Software Foundation Tomcat 5.0.11
Apache Software Foundation Tomcat 5.0.10
Apache Software Foundation Tomcat 5.0.9
Apache Software Foundation Tomcat 5.0.8
Apache Software Foundation Tomcat 5.0.7
Apache Software Foundation Tomcat 5.0.6
Apache Software Foundation Tomcat 5.0.5
Apache Software Foundation Tomcat 5.0.4
Apache Software Foundation Tomcat 5.0.3
Apache Software Foundation Tomcat 5.0.2
Apache Software Foundation Tomcat 5.0.1
Apache Software Foundation Tomcat 5.0
Apache Software Foundation Tomcat 4.1.31
Apache Software Foundation Tomcat 4.1.24
Apache Software Foundation Tomcat 4.1.12
Apache Software Foundation Tomcat 4.1.10
Apache Software Foundation Tomcat 4.1.3 beta
Apache Software Foundation Tomcat 4.1
Apache Software Foundation Tomcat 4.0.6
Apache Software Foundation Tomcat 4.0.5
Apache Software Foundation Tomcat 4.0.4
Apache Software Foundation Tomcat 4.0.3
Apache Software Foundation Tomcat 4.0.2
Apache Software Foundation Tomcat 4.0.1
Apache Software Foundation Tomcat 4.0
-
BSDI BSD/OS 4.0
-
Caldera OpenLinux 2.4
-
Conectiva Linux 5.1
-
Debian Linux 2.2
-
Debian Linux 2.1
-
Digital UNIX 4.0
-
FreeBSD FreeBSD 5.0
-
FreeBSD FreeBSD 4.0
-
MandrakeSoft Linux Mandrake 7.1
-
MandrakeSoft Linux Mandrake 7.0
-
NetBSD NetBSD 1.4.2 x86
-
NetBSD NetBSD 1.4.1 x86
-
RedHat Linux 6.2 i386
-
RedHat Linux 6.1 i386
-
SGI IRIX 6.5
-
SGI IRIX 6.4
-
Sun Solaris 8
-
Sun Solaris 7.0
Apache Software Foundation Tomcat 4.0.0 RC2
|
|
|
|
Not Vulnerable:
|
Apache Software Foundation Tomcat 5.5.16
Apache Software Foundation Tomcat 5.0.31
Apache Software Foundation Tomcat 4.1.32
Apache Software Foundation Tomcat 4.0.7
|
|
|
