CVE-2007-1358 – tomcat accept-language xss flaw
https://notcve.org/view.php?id=CVE-2007-1358
Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616". Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en ciertas aplicaciones que usan Apache Tomcat 4.0.0 hasta 4.0.6 y 4.1.0 hasta 4.1.34 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante "cabeceras Accept-Language que no cumplen la RFC 2616" artesanales. • http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx http://docs.info.apple.com/article.html?artnum=306172 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 http://jvn.jp/jp/JVN%2316535199/index.html http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://osvdb.org/34881 http://rhn.redhat.com/errata/RHSA-2008-0630.html http://secunia.com/advisories/25721 http://secunia.com/advisories/26235 http:/ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2006-7196 – Apache Tomcat 5.5.15 - cal2.jsp Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-7196
Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors. NOTE: this may be related to CVE-2006-0254.1. Una vulnerabilidad de tipo Cross-Site Scripting (XSS) en el ejemplo de aplicación de calendario en Apache Tomcat versión 4.0.0 hasta 4.0.6, versión 4.1.0 hasta 4.1.31, versión 5.0.0 hasta 5.0.30 y versión 5.5.0 hasta 5.5.15 permite a atacantes remotos inyectar script web o HTML arbitrarias por medio del parámetro time hacia el archivo cal2.jsp y posiblemente otros vectores no especificados. NOTA: esto puede estar relacionado con CVE-2006-0254.1. • https://www.exploit-db.com/exploits/30563 http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html http://osvdb.org/34888 http://secunia.com/advisories/29242 http://secunia.com/advisories/33668 http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540 http://tomcat.apache.org/security-4.html http://tomcat.apache • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2005-4838 – tomcat manager example DoS
https://notcve.org/view.php?id=CVE-2005-4838
Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp. NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065598.html http://marc.info/?l=tomcat-dev&m=110476790331536&w=2 http://marc.info/?l=tomcat-dev&m=110477195116951&w=2 http://rhn.redhat.com/errata/RHSA-2008-0630.html http://secunia.com/advisories/13737 http://secunia.com/advisories/31493 http://securitytracker.com/id?1012793 http://tomcat.apache.org/security-4.html http://tomcat.apache.org/security-5.html http://www.oliverkarow.de/research/jakarta556_ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2005-1754 – Sun JavaMail 1.x - Multiple Information Disclosure Vulnerabilities
https://notcve.org/view.php?id=CVE-2005-1754
JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products. • https://www.exploit-db.com/exploits/25702 http://marc.info/?l=bugtraq&m=111697083812367&w=2 http://tomcat.apache.org/security-5.html http://www.securityfocus.com/bid/13753 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2002-0493
https://notcve.org/view.php?id=CVE-2002-0493
Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions. • http://marc.info/?l=bugtraq&m=101709002410365&w=2 http://www.apachelabs.org/tomcat-dev/200108.mbox/%3C20010810000819.6350.qmail%40icarus.apache.org%3E http://www.iss.net/security_center/static/9863.php https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cd • CWE-254: 7PK - Security Features •