CVE-2006-7196
Apache Tomcat 5.5.15 - cal2.jsp Cross-Site Scripting
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors. NOTE: this may be related to CVE-2006-0254.1.
Una vulnerabilidad de tipo Cross-Site Scripting (XSS) en el ejemplo de aplicación de calendario en Apache Tomcat versión 4.0.0 hasta 4.0.6, versión 4.1.0 hasta 4.1.31, versión 5.0.0 hasta 5.0.30 y versión 5.5.0 hasta 5.5.15 permite a atacantes remotos inyectar script web o HTML arbitrarias por medio del parámetro time hacia el archivo cal2.jsp y posiblemente otros vectores no especificados. NOTA: esto puede estar relacionado con CVE-2006-0254.1.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-04-22 CVE Reserved
- 2007-05-09 CVE Published
- 2007-09-04 First Exploit
- 2024-08-07 CVE Updated
- 2024-11-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (23)
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/30563 | 2007-09-04 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html | 2023-11-07 | |
http://www.redhat.com/support/errata/RHSA-2008-0261.html | 2023-11-07 | |
https://access.redhat.com/security/cve/CVE-2006-7196 | 2008-06-30 | |
https://bugzilla.redhat.com/show_bug.cgi?id=238131 | 2008-06-30 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | <= 4.1.31 Search vendor "Apache" for product "Tomcat" and version " <= 4.1.31" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 4.0.0 Search vendor "Apache" for product "Tomcat" and version "4.0.0" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 4.0.1 Search vendor "Apache" for product "Tomcat" and version "4.0.1" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 4.0.2 Search vendor "Apache" for product "Tomcat" and version "4.0.2" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 4.0.3 Search vendor "Apache" for product "Tomcat" and version "4.0.3" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 4.0.4 Search vendor "Apache" for product "Tomcat" and version "4.0.4" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 4.0.5 Search vendor "Apache" for product "Tomcat" and version "4.0.5" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 4.0.6 Search vendor "Apache" for product "Tomcat" and version "4.0.6" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.0 Search vendor "Apache" for product "Tomcat" and version "5.0.0" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.1 Search vendor "Apache" for product "Tomcat" and version "5.0.1" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.2 Search vendor "Apache" for product "Tomcat" and version "5.0.2" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.3 Search vendor "Apache" for product "Tomcat" and version "5.0.3" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.4 Search vendor "Apache" for product "Tomcat" and version "5.0.4" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.5 Search vendor "Apache" for product "Tomcat" and version "5.0.5" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.6 Search vendor "Apache" for product "Tomcat" and version "5.0.6" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.7 Search vendor "Apache" for product "Tomcat" and version "5.0.7" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.8 Search vendor "Apache" for product "Tomcat" and version "5.0.8" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.9 Search vendor "Apache" for product "Tomcat" and version "5.0.9" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.10 Search vendor "Apache" for product "Tomcat" and version "5.0.10" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.11 Search vendor "Apache" for product "Tomcat" and version "5.0.11" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.12 Search vendor "Apache" for product "Tomcat" and version "5.0.12" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.13 Search vendor "Apache" for product "Tomcat" and version "5.0.13" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.14 Search vendor "Apache" for product "Tomcat" and version "5.0.14" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.15 Search vendor "Apache" for product "Tomcat" and version "5.0.15" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.16 Search vendor "Apache" for product "Tomcat" and version "5.0.16" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.17 Search vendor "Apache" for product "Tomcat" and version "5.0.17" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.18 Search vendor "Apache" for product "Tomcat" and version "5.0.18" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.19 Search vendor "Apache" for product "Tomcat" and version "5.0.19" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.21 Search vendor "Apache" for product "Tomcat" and version "5.0.21" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.22 Search vendor "Apache" for product "Tomcat" and version "5.0.22" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.23 Search vendor "Apache" for product "Tomcat" and version "5.0.23" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.24 Search vendor "Apache" for product "Tomcat" and version "5.0.24" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.25 Search vendor "Apache" for product "Tomcat" and version "5.0.25" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.26 Search vendor "Apache" for product "Tomcat" and version "5.0.26" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.27 Search vendor "Apache" for product "Tomcat" and version "5.0.27" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.28 Search vendor "Apache" for product "Tomcat" and version "5.0.28" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.29 Search vendor "Apache" for product "Tomcat" and version "5.0.29" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.0.30 Search vendor "Apache" for product "Tomcat" and version "5.0.30" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.0 Search vendor "Apache" for product "Tomcat" and version "5.5.0" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.1 Search vendor "Apache" for product "Tomcat" and version "5.5.1" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.2 Search vendor "Apache" for product "Tomcat" and version "5.5.2" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.3 Search vendor "Apache" for product "Tomcat" and version "5.5.3" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.4 Search vendor "Apache" for product "Tomcat" and version "5.5.4" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.5 Search vendor "Apache" for product "Tomcat" and version "5.5.5" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.6 Search vendor "Apache" for product "Tomcat" and version "5.5.6" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.7 Search vendor "Apache" for product "Tomcat" and version "5.5.7" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.8 Search vendor "Apache" for product "Tomcat" and version "5.5.8" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.9 Search vendor "Apache" for product "Tomcat" and version "5.5.9" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.10 Search vendor "Apache" for product "Tomcat" and version "5.5.10" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.11 Search vendor "Apache" for product "Tomcat" and version "5.5.11" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.12 Search vendor "Apache" for product "Tomcat" and version "5.5.12" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.13 Search vendor "Apache" for product "Tomcat" and version "5.5.13" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.14 Search vendor "Apache" for product "Tomcat" and version "5.5.14" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 5.5.15 Search vendor "Apache" for product "Tomcat" and version "5.5.15" | - |
Affected
|