Apache Tomcat CVE-2016-8745 Information Disclosure Vulnerability

Bugtraq ID:	94828
Class:	Design Error
CVE:	CVE-2016-8745
Remote:	Yes
Local:	No
Published:	Dec 12 2016 12:00AM
Updated:	May 26 2017 08:00AM
Credit:	The vendor reported the issues.
Vulnerable:	SuSE Linux Enterprise Server 12-SP1 Redhat Enterprise Linux Workstation Optional 7 Redhat Enterprise Linux Workstation Optional 6 Redhat Enterprise Linux Workstation 7 Redhat Enterprise Linux Workstation 6 Redhat Enterprise Linux Server Optional 7 Redhat Enterprise Linux Server Optional 6 Redhat Enterprise Linux Server 7 Redhat Enterprise Linux Server 6 Redhat Enterprise Linux HPC Node Optional 6 Redhat Enterprise Linux Desktop Optional 6 Redhat Enterprise Linux ComputeNode Optional 7 Redhat Enterprise Linux ComputeNode 7 Redhat Enterprise Linux Client Optional 7 Redhat Enterprise Linux 7 Client Oracle Solaris 11.3 Oracle Solaris 10 Oracle Enterprise Linux 7 Gentoo Linux CentOS CentOS 7 Apache Tomcat 8.5.8 Apache Tomcat 8.5.6 Apache Tomcat 8.5.5 Apache Tomcat 8.5.4 Apache Tomcat 9.0.0M8 Apache Tomcat 9.0.0M6 Apache Tomcat 9.0.0.M9 Apache Tomcat 9.0.0.M7 Apache Tomcat 9.0.0.M5 Apache Tomcat 9.0.0.M4 Apache Tomcat 9.0.0.M3 Apache Tomcat 9.0.0.M2 Apache Tomcat 9.0.0.M13 Apache Tomcat 9.0.0.M12 Apache Tomcat 9.0.0.M11 Apache Tomcat 9.0.0.M10 Apache Tomcat 9.0.0.M1 Apache Tomcat 8.5.3 Apache Tomcat 8.5.2 Apache Tomcat 8.5.0

Not Vulnerable:	Apache Tomcat 8.5.9 Apache Tomcat 9.0.0.M15