Lucene search
F5F5:K9108HistoryMar 24, 2013 - 12:00 a.m.
K9108 : Apache Tomcat Cross-site scripting (XSS) vulnerability - CVE-2008-1232
2013-03-2400:00:00
my.f5.com
27
Security Advisory Description
Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5 security vulnerability response policy.F5 products and versions that have been evaluated for this Security Advisory
| Product | Affected | Not Affected |
|---|---|---|
| BIG-IP LTM | None | 9.x |
| 10.x | ||
| 11.x | ||
| BIG-IP GTM | None | 9.x |
| 10.x | ||
| 11.x | ||
| BIG-IP ASM | None | 9.x |
| 10.x | ||
| 11.x | ||
| BIG-IP Link Controller | None | 9.x |
| 10.x | ||
| 11.x | ||
| BIG-IP WebAccelerator | None | 9.x |
| 10.x | ||
| 11.x | ||
| BIG-IP PSM | None | 9.x |
| 10.x | ||
| 11.x | ||
| BIG-IP WAN Optimization | None | 10.x |
| 11.x | ||
| BIG-IP APM | None | 10.x |
| 11.x | ||
| BIG-IP Edge Gateway | None | 10.x |
| 11.x | ||
| BIG-IP Analytics | None | 11.x |
| BIG-IP AFM | None | 11.x |
| BIG-IP PEM | None | 11.x |
| FirePass | None | 5.x |
| 6.x | ||
| 7.x | ||
| Enterprise Manager | None | 1.x |
| 2.x | ||
| 3.x | ||
| ARX | None | 2.x |
| 3.x | ||
| 4.x | ||
| 5.x | ||
| 6.x | ||
| Vulnerability description and product informationA cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML through a crafted string that is used in the message argument to theHttpServletResponse.sendError method. | ||
| Information about this advisory is available at the following location: | ||
| <https://vulners.com/cve/CVE-2008-1232> |
Note: The previous link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.
Related
osv
osv
Apache Tomcat Cross-site scripting (XSS) vulnerability
2022-05-01 23:37:49
seebug
seebug
Apache Tomcat HttpServletResponse.sendError()跨站脚本漏洞
2008-08-04 00:00:00
ubuntucve
ubuntucve
CVE-2008-1232
2008-08-04 00:00:00
github
github
Apache Tomcat Cross-site scripting (XSS) vulnerability
2022-05-01 23:37:49
veracode
veracode
Cross-site Scripting (XSS)
2018-11-09 06:35:59
securityvulns
securityvulns
[CVE-2008-1232] Apache Tomcat XSS vulnerability
2008-08-01 00:00:00
Computer Associates applications multiple security vulnerabilities
2009-08-08 00:00:00
prion
prion
Cross site scripting
2008-08-04 01:41:00
f5
f5
cve
cve
CVE-2008-1232
2008-08-04 01:41:00
nvd
nvd
CVE-2008-1232
2008-08-04 01:41:00
cvelist
cvelist
CVE-2008-1232
2008-08-04 01:00:00
openvas
openvas
Apache Tomcat Cross-Site Scripting and Security Bypass Vulnerabilities
2008-08-07 00:00:00
RedHat Update for tomcat RHSA-2008:0648-01
2009-03-06 00:00:00
Fedora Update for tomcat6 FEDORA-2008-7977
2009-02-17 00:00:00
nessus
nessus
RHEL 4 / 5 : jbossweb (RHSA-2008:0877)
2013-01-24 00:00:00
Apache Tomcat 4.x < 4.1.39 Multiple Vulnerabilities
2010-06-11 00:00:00
Apache Tomcat < 6.0.18 Multiple Vulnerabilities
2010-07-01 00:00:00
vmware
vmware
VirtualCenter Update 4 and ESX patch update Tomcat to version 5.5.27
2009-02-23 00:00:00
VirtualCenter Update 4 and ESX patch update Tomcat to version 5.5.27
2009-02-23 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 5.5.27
2008-09-08 00:00:00
Fixed in Apache Tomcat 6.0.18
2008-07-31 00:00:00
Fixed in Apache Tomcat 4.1.39
2008-01-07 00:00:00
redhat
redhat
(RHSA-2008:0877) Important: jbossweb security update
2008-09-22 00:00:00
(RHSA-2008:0864) Important: tomcat security update
2008-10-02 00:00:00
(RHSA-2008:0648) Important: tomcat security update
2008-08-27 00:00:00
oraclelinux
oraclelinux
tomcat security update
2008-08-27 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: tomcat5-5.5.27-0jpp.2.fc9
2008-09-16 23:25:10
[SECURITY] Fedora 9 Update: tomcat6-6.0.18-1.1.fc9
2008-09-11 17:17:43
[SECURITY] Fedora 8 Update: tomcat5-5.5.27-0jpp.2.fc8
2008-09-16 23:28:35
centos
centos
tomcat5 security update
2008-08-28 22:01:41
ibm
ibm