[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:89043521
This update for tomcat6 fixes the following security issues: - : The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means t ...

oval:org.secpod.oval:def:89044662
This update for tomcat fixes the following issues: Security issues fixed: - CVE-2017-5664: A problem in handling error pages was fixed, to avoid potential file overwrites during error page handling. - CVE-2017-7674: A CORS Filter issue could lead to client and server side cache poisoning - CVE-2017 ...

oval:org.secpod.oval:def:502190
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * A vulnerability was discovered in Tomcat"s handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to b ...

oval:org.secpod.oval:def:2101179
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original ...

oval:org.secpod.oval:def:1000699
The remote host is missing a patch 152510-06 containing a security fix. For more information please visit the reference link.

oval:org.secpod.oval:def:1502052
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:204700
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * A vulnerability was discovered in Tomcat"s handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to b ...

oval:org.secpod.oval:def:204545
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * A vulnerability was discovered in the error page mechanism in Tomcat"s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the remova ...

oval:org.secpod.oval:def:1000744
The remote host is missing a patch 152511-06 containing a security fix. For more information please visit the reference link.

oval:org.secpod.oval:def:502071
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * A vulnerability was discovered in the error page mechanism in Tomcat"s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the remova ...

oval:org.secpod.oval:def:53088
Aniket Nandkishor Kulkarni discovered that in tomcat8, a servlet and JSP engine, static error pages used the original request"s HTTP method to serve content, instead of systematically using the GET method. This could under certain conditions result in undesirable results, including the replacement o ...

oval:org.secpod.oval:def:53087
Aniket Nandkishor Kulkarni discovered that in tomcat7, a servlet and JSP engine, static error pages used the original request"s HTTP method to serve content, instead of systematically using the GET method. This could under certain conditions result in undesirable results, including the replacement o ...

oval:org.secpod.oval:def:1600740
Security constrained bypass in error page mechanism:A vulnerability was discovered in the error page mechanism in Tomcats DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page

oval:org.secpod.oval:def:46897
The host is installed with Apache Tomcat 7.x before 7.0.78, 8.0.x before 8.0.44, 8.5.x before 8.5.15 or 9.x before 9.0.0.M21 and is prone to a security bypass vulnerability. A flaw is present in the security constraint defined by annotations of servlets. Successful exploitation exposes resources to ...

oval:org.secpod.oval:def:703934
tomcat8: Servlet and JSP engine - tomcat7: Servlet and JSP engine Several security issues were fixed in Tomcat.

oval:org.secpod.oval:def:602966
Aniket Nandkishor Kulkarni discovered that in tomcat7, a servlet and JSP engine, static error pages used the original request"s HTTP method to serve content, instead of systematically using the GET method. This could under certain conditions result in undesirable results, including the replacement o ...

oval:org.secpod.oval:def:602967
Aniket Nandkishor Kulkarni discovered that in tomcat8, a servlet and JSP engine, static error pages used the original request"s HTTP method to serve content, instead of systematically using the GET method. This could under certain conditions result in undesirable results, including the replacement o ...

oval:org.secpod.oval:def:1501935
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1900339
The error page mechanism of the Java Servlet Specification requires that,when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original H ...

oval:org.secpod.oval:def:1600732
Security constrained bypass in error page mechanism:A vulnerability was discovered in the error page mechanism in Tomcat"s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page

oval:org.secpod.oval:def:1600733
Security constrained bypass in error page mechanism:A vulnerability was discovered in the error page mechanism in Tomcat"s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page

oval:org.secpod.oval:def:112510
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory e ...

oval:org.secpod.oval:def:1600750
Security constrained bypass in error page mechanism:While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untr ...

oval:org.secpod.oval:def:51964
tomcat8: Servlet and JSP engine - tomcat7: Servlet and JSP engine Several security issues were fixed in Tomcat.

oval:org.secpod.oval:def:112509
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory e ...

CWE    1
CWE-755
*CVE
CVE-2017-5664

© SecPod Technologies