CVE-2011-0013 Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.
Reference
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://marc.info/?l=bugtraq&m=130168502603566&w=2
http://marc.info/?l=bugtraq&m=132215163318824&w=2
http://marc.info/?l=bugtraq&m=136485229118404&w=2
http://marc.info/?l=bugtraq&m=139344343412337&w=2
http://secunia.com/advisories/43192
http://secunia.com/advisories/45022
http://secunia.com/advisories/57126
http://securityreason.com/securityalert/8093
http://support.apple.com/kb/HT5002
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html
http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.32
http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.30
http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.6_(released_14_Jan_2011)
http://www.debian.org/security/2011/dsa-2160
http://www.mandriva.com/security/advisories?name=MDVSA-2011:030
http://www.redhat.com/support/errata/RHSA-2011-0791.html
http://www.redhat.com/support/errata/RHSA-2011-0896.html
http://www.redhat.com/support/errata/RHSA-2011-0897.html
http://www.redhat.com/support/errata/RHSA-2011-1845.html
http://www.securityfocus.com/archive/1/516209/30/90/threaded
http://www.securityfocus.com/bid/46174
http://www.securitytracker.com/id?1025026
http://www.vupen.com/english/advisories/2011/0376
https://bugzilla.redhat.com/show_bug.cgi?id=675786
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12878
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14945
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19269