Apache Tomcat Error Message Reporting Cross Site Scripting Vulnerability

Bugtraq ID: 25174
Class: Input Validation Error
CVE: CVE-2007-3384
Remote: Yes
Local: No
Published: Aug 02 2007 12:00AM
Updated: Aug 02 2007 11:45PM
Credit: Tomasz Kuczynski, Poznan Supercomputing, and Networking Center are credited with the discovery of this vulnerability.
Vulnerable: Apache Tomcat 3.3.2
Apache Tomcat 3.3.1 a
Apache Tomcat 3.3.1
Apache Tomcat 3.3
- BSDI BSD/OS 4.0
- Caldera OpenLinux 2.4
- Debian Linux 2.2
- Debian Linux 2.1
- Digital UNIX 4.0
- FreeBSD FreeBSD 5.0
- FreeBSD FreeBSD 4.0
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- NetBSD NetBSD 1.4.2 x86
- NetBSD NetBSD 1.4.1 x86
- Redhat Linux 6.2 i386
- Redhat Linux 6.1 i386
- SGI IRIX 6.5
- SGI IRIX 6.4
- Sun Solaris 8_sparc
- Sun Solaris 7.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus