Download
| Alert*
oval:org.secpod.oval:def:20818
The host is installed with Apache Tomcat 5.5.0 through 5.5.26 or 6.0.0 through 6.0.16 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails handle the cookie in an https session. Successful exploitation allows remote attackers to inject arbitrary ... oval:org.secpod.oval:def:301557 A number of vulnerabilities have been discovered in the Apache Tomcat server: The default catalina.policy in the JULI logging component did not restrict certain permissions for web applications which could allow a remote attacker to modify logging configuration options and overwrite arbitrary files ... |