Download
| Alert*
oval:org.secpod.oval:def:702625
tomcat7: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:203393 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was found that, in certain circumstances, it was possible for a malicious web application to replace the XML parsers used by Apache Tomcat to process XSLTs for the default servlet, JSP documents, tag lib ... oval:org.secpod.oval:def:203391 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was found that several application-provided XML files, such as web.xml, content.xml, *.tld, *.tagx, and *.jspx, resolved external entities, permitting XML External Entity attacks. An attacker able to de ... oval:org.secpod.oval:def:1500676 It was found that, in certain circumstances, it was possible for a malicious web application to replace the XML parsers used by Apache Tomcat to process XSLTs for the default servlet, JSP documents, tag library descriptors (TLDs), and tag plug-in configuration files. The injected XML parser(s) could ... oval:org.secpod.oval:def:1500678 Updated tomcat6 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for each vulnera ... oval:org.secpod.oval:def:501360 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was found that several application-provided XML files, such as web.xml, content.xml, *.tld, *.tagx, and *.jspx, resolved external entities, permitting XML External Entity attacks. An attacker able to de ... oval:org.secpod.oval:def:501362 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was found that, in certain circumstances, it was possible for a malicious web application to replace the XML parsers used by Apache Tomcat to process XSLTs for the default servlet, JSP documents, tag lib ... oval:org.secpod.oval:def:52513 tomcat7: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:20843 The host is installed with Apache Tomcat 6.0.x before 6.0.40, 7.x before 7.0.54 or 8.x before 8.0.6 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted web application. Successful exploitation allows remote attackers to (1) read ... oval:org.secpod.oval:def:602469 Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in information disclosure, the bypass of CSRF protections and bypass of the SecurityManager. oval:org.secpod.oval:def:602436 Multiple security vulnerabilities have been fixed in the Tomcat servlet and JSP engine, which may result on bypass of security manager restrictions, information disclosure, denial of service or session fixation. |