Apache Tomcat HTML Manager Interface HTML Injection Vulnerability

Bugtraq ID: 46174
Class: Input Validation Error
CVE: CVE-2011-0013
Remote: Yes
Local: No
Published: Feb 07 2011 12:00AM
Updated: Apr 13 2015 09:31PM
Credit: Apache
Vulnerable: Ubuntu Ubuntu Linux 9.10 sparc
Ubuntu Ubuntu Linux 9.10 powerpc
Ubuntu Ubuntu Linux 9.10 lpia
Ubuntu Ubuntu Linux 9.10 i386
Ubuntu Ubuntu Linux 9.10 ARM
Ubuntu Ubuntu Linux 9.10 amd64
Ubuntu Ubuntu Linux 10.10 powerpc
Ubuntu Ubuntu Linux 10.10 i386
Ubuntu Ubuntu Linux 10.10 ARM
Ubuntu Ubuntu Linux 10.10 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
Sun Solaris 9_x86
Sun Solaris 9_sparc
Sun Solaris 11 Express
Sun Solaris 10_x86
Sun Solaris 10_sparc
Redhat JBoss Enterprise Web Server for Windows 1.0
Redhat JBoss Enterprise Web Server for Solaris 1.0
Redhat JBoss Enterprise Web Server for RHEL 6 1.0
Redhat JBoss Enterprise Web Server for RHEL 5 Server 1.0
Redhat JBoss Enterprise Web Server for RHEL 4 ES 1.0
Redhat JBoss Enterprise Web Server for RHEL 4 AS 1.0
Redhat JBoss Enterprise Web Server EL4 0
Redhat JBoss Enterprise Web Server 5.0
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux 5 Server
Oracle Enterprise Linux 5
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
Mandriva Linux Mandrake 2010.0 x86_64
Mandriva Linux Mandrake 2010.0
Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
IBM Rational Policy Tester 8.5.0.1
IBM Rational Policy Tester 8.5
IBM Rational Policy Tester 8.0
IBM Rational AppScan Enterprise 8.6
IBM Rational AppScan Enterprise 8.5.0.1
IBM Rational AppScan Enterprise 8.0.1.1
IBM Rational AppScan Enterprise 8.0.1
IBM Rational AppScan Enterprise 8.0.0.1
IBM Rational AppScan Enterprise 8.0.0
HP XP P9000 Performance Advisor 5.4.1
HP HP-UX Web Server Suite 3.22
HP HP-UX Web Server Suite 3.21
HP HP-UX Web Server Suite 3.18
HP HP-UX Web Server Suite 3.17
HP HP-UX Web Server Suite 3.13
HP HP-UX Web Server Suite 3.12
HP HP-UX Web Server Suite 3.10
HP HP-UX Web Server Suite 2.32
HP HP-UX Web Server Suite 2.31
HP HP-UX B.11.31
HP HP-UX B.11.11
Gentoo Linux
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
CTERA Networks CTERA Portal 3.1
Blue Coat Systems Intelligence Center 3.2.1
Blue Coat Systems Intelligence Center 3.1.2
Blue Coat Systems Intelligence Center 3.1.1
Blue Coat Systems Intelligence Center 2.1.2
Blue Coat Systems Intelligence Center 2.1.1
Blue Coat Systems Intelligence Center 2.1
Blue Coat Systems Intelligence Center 2.0.1
Blue Coat Systems Intelligence Center 2.0
Blue Coat Systems Intelligence Center 3.2
Blue Coat Systems Intelligence Center 3.1
Avaya Voice Portal 5.1 SP1
Avaya Voice Portal 5.1
Avaya Voice Portal 5.1
Avaya Voice Portal 5.0 SP2
Avaya Voice Portal 5.0 SP1
Avaya Voice Portal 5.0
Avaya Meeting Exchange 5.2 SP2
Avaya Meeting Exchange 5.2 SP1
Avaya Meeting Exchange 5.2
Avaya Interactive Response 4.0
Avaya Interactive Response 3.0
Avaya Aura System Manager 6.1.3
Avaya Aura System Manager 6.1.2
Avaya Aura System Manager 6.1.1
Avaya Aura System Manager 6.1
Avaya Aura System Manager 6.0 SP1
Avaya Aura System Manager 6.0
Avaya Aura System Manager 5.2
Avaya Aura Session Manager 6.1
Avaya Aura Session Manager 6.0
Avaya Aura Session Manager 5.2
Avaya Aura Session Manager 1.1
Avaya Aura Presence Services 6.1
Avaya Aura Presence Services 6.0
Avaya Aura Presence Services 5.2
Avaya Aura Conferencing 6.0 Standard
Avaya Aura Conferencing 6.0 SP1 Standard
Avaya Aura Communication Manager 6.0
Avaya Aura Communication Manager 5.2
Avaya Aura Communication Manager 5.1
Avaya Aura Communication Manager 4.0
Avaya Aura Communication Manager 4.0
Avaya Aura Application Enablement Services 5.2.1
Avaya Aura Application Enablement Services 6.1
Avaya Aura Application Enablement Services 5.2.3
Avaya Aura Application Enablement Services 5.2.2
Avaya Aura Application Enablement Services 5.2
Apple Mac OS X Server 10.6.6
Apple Mac OS X Server 10.6.5
Apple Mac OS X Server 10.6.4
Apple Mac OS X Server 10.6.3
Apple Mac OS X Server 10.6.2
Apple Mac OS X Server 10.6.1
Apple Mac OS X Server 10.6.8
Apple Mac OS X Server 10.6.7
Apple Mac OS X Server 10.6
Apple Mac OS X 10.6.6
Apple Mac OS X 10.6.5
Apple Mac OS X 10.6.5
Apple Mac OS X 10.6.4
Apple Mac OS X 10.6.3
Apple Mac OS X 10.6.2
Apple Mac OS X 10.6.1
Apple Mac OS X 10.6.8
Apple Mac OS X 10.6.7
Apple Mac OS X 10.6
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
Apache Tomcat 7.0.2
Apache Tomcat 7.0.1
Apache Tomcat 7.0 beta
Apache Tomcat 7.0
Apache Tomcat 6.0.29
Apache Tomcat 6.0.28
Apache Tomcat 6.0.27
Apache Tomcat 6.0.26
Apache Tomcat 6.0.25
Apache Tomcat 6.0.24
Apache Tomcat 6.0.20
Apache Tomcat 6.0.18
Apache Tomcat 6.0.17
Apache Tomcat 6.0.16
Apache Tomcat 6.0.15
Apache Tomcat 6.0.14
Apache Tomcat 6.0.13
Apache Tomcat 6.0.12
Apache Tomcat 6.0.11
Apache Tomcat 6.0.10
Apache Tomcat 6.0.9
Apache Tomcat 6.0.8
Apache Tomcat 6.0.7
Apache Tomcat 6.0.6
Apache Tomcat 6.0.5
Apache Tomcat 6.0.4
Apache Tomcat 6.0.3
Apache Tomcat 6.0.2
Apache Tomcat 6.0.1
Apache Tomcat 6.0
Apache Tomcat 5.5.30
Apache Tomcat 5.5.29
Apache Tomcat 5.5.28
Apache Tomcat 5.5.27
Apache Tomcat 5.5.26
Apache Tomcat 5.5.25
Apache Tomcat 5.5.24
Apache Tomcat 5.5.23
Apache Tomcat 5.5.22
Apache Tomcat 5.5.21
Apache Tomcat 5.5.20
Apache Tomcat 5.5.19
Apache Tomcat 5.5.18
Apache Tomcat 5.5.17
Apache Tomcat 5.5.16
Apache Tomcat 5.5.15
Apache Tomcat 5.5.14
Apache Tomcat 5.5.13
Apache Tomcat 5.5.12
Apache Tomcat 5.5.11
Apache Tomcat 5.5.10
Apache Tomcat 5.5.9
Apache Tomcat 5.5.8
Apache Tomcat 5.5.7
Apache Tomcat 5.5.6
Apache Tomcat 5.5.5
Apache Tomcat 5.5.4
Apache Tomcat 5.5.3
Apache Tomcat 5.5.2
Apache Tomcat 5.5.1
Apache Tomcat 5.5
Apache Tomcat 7.0.5
Apache Tomcat 7.0
Apache Tomcat 6.0.29
Apache Tomcat 6.0.19
Apache Geronimo 2.1.7
Apache Geronimo 2.1.6
Apache Geronimo 2.1.5
Apache Geronimo 2.1.4
Apache Geronimo 2.1.3
Apache Geronimo 2.1.2
Apache Geronimo 2.1.1
Apache Geronimo 2.0.2
Apache Geronimo 2.0.1
Apache Geronimo 1.1.1
Apache Geronimo 1.1
Apache Geronimo 1.0.1
Apache Geronimo 1.0
Apache Geronimo 2.1
Apache Geronimo 2.0
Apache Geronimo 1.2
Apache Geronimo 1.1
Apache Geronimo 1.0
Not Vulnerable: Redhat JBoss Enterprise Web Server for Windows 1.0.2
Redhat JBoss Enterprise Web Server for Solaris 1.0.2
Redhat JBoss Enterprise Web Server for RHEL 6 1.0.2
Redhat JBoss Enterprise Web Server for RHEL 5 Server 1.0.2
Redhat JBoss Enterprise Web Server for RHEL 4 ES 1.0.2
Redhat JBoss Enterprise Web Server for RHEL 4 AS 1.0.2
HP XP P9000 Performance Advisor 5.5.1
HP HP-UX Web Server Suite 3.14
HP HP-UX Web Server Suite 2.33
CTERA Networks CTERA Portal 3.2.28
CTERA Networks CTERA Portal 3.1.39
Blue Coat Systems Intelligence Center 3.2.2.1
Apache Tomcat 7.0.6
Apache Tomcat 5.5.32
Apache Tomcat 6.0.30
Apache Geronimo 2.1.8


 

Privacy Statement
Copyright 2010, SecurityFocus