Apache Tomcat Error Message Reporting Cross Site Scripting Vulnerability

Bugtraq ID:	25174
Class:	Input Validation Error
CVE:	CVE-2007-3384
Remote:	Yes
Local:	No
Published:	Aug 02 2007 12:00AM
Updated:	Aug 02 2007 11:45PM
Credit:	Tomasz Kuczynski, Poznan Supercomputing, and Networking Center are credited with the discovery of this vulnerability.
Vulnerable:	Apache Tomcat 3.3.2 Apache Tomcat 3.3.1 a Apache Tomcat 3.3.1 Apache Tomcat 3.3 - BSDI BSD/OS 4.0 - Caldera OpenLinux 2.4 - Debian Linux 2.2 - Debian Linux 2.1 - Digital UNIX 4.0 - FreeBSD FreeBSD 5.0 - FreeBSD FreeBSD 4.0 - Mandriva Linux Mandrake 7.1 - Mandriva Linux Mandrake 7.0 - NetBSD NetBSD 1.4.2 x86 - NetBSD NetBSD 1.4.1 x86 - Redhat Linux 6.2 i386 - Redhat Linux 6.1 i386 - SGI IRIX 6.5 - SGI IRIX 6.4 - Sun Solaris 8_sparc - Sun Solaris 7.0

Not Vulnerable: