CVE-2007-1355 Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.23, and 6.0.0 through 6.0.10 allow remote attackers to inject arbitrary web script or HTML via the test parameter and unspecified vectors.
Reference
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
http://osvdb.org/34875
http://rhn.redhat.com/errata/RHSA-2008-0630.html
http://secunia.com/advisories/27037
http://secunia.com/advisories/27727
http://secunia.com/advisories/30802
http://secunia.com/advisories/30899
http://secunia.com/advisories/30908
http://secunia.com/advisories/31493
http://secunia.com/advisories/33668
http://securityreason.com/securityalert/2722
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
http://support.apple.com/kb/HT2163
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
http://tomcat.apache.org/security-4.html
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://www.securityfocus.com/archive/1/469067/100/0/threaded
http://www.securityfocus.com/archive/1/500396/100/0/threaded
http://www.securityfocus.com/archive/1/500412/100/0/threaded
http://www.securityfocus.com/bid/24058
http://www.vupen.com/english/advisories/2007/3386
http://www.vupen.com/english/advisories/2008/1979/references
http://www.vupen.com/english/advisories/2008/1981/references
http://www.vupen.com/english/advisories/2009/0233
https://exchange.xforce.ibmcloud.com/vulnerabilities/34377
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@3Cdev.tomcat.apache.org3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@3Cdev.tomcat.apache.org3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@3Cdev.tomcat.apache.org3E
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A6111
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html