An error exists related to chunked transfer encoding and extensions that could allow limited denial of service attacks. (CVE-2012-3544)
An error exists related to HTML form authentication and session fixation that could allow an attacker to carry out requests using a victim’s credentials. (CVE-2013-2067)

Binary data 800783.prm

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067

tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.37

nessus 41

tomcat 6

openvas 28

atlassian 8

securityvulns 8

ubuntu 1

mageia 1

veracode 1

github 2

cve 4

seebug 3

cvelist 3

osv 4

redhat 12

oraclelinux 1

ubuntucve 3

prion 4

centos 2

debiancve 3

nvd 4

checkpoint_advisories 1

f5 1

debian 2

ibm 6

amazon 1

gentoo 1

oracle 3

nessus

Apache Tomcat 6.0.x < 6.0.37 Multiple Vulnerabilities

2013-05-20 00:00:00

Apache Tomcat 6.0.x < 6.0.37 Multiple Vulnerabilities

2013-05-15 00:00:00

Oracle Solaris Third-Party Patch Update : tomcat (multiple_vulnerabilities_in_tomcat)

2015-01-19 00:00:00

tomcat

Fixed in Apache Tomcat 6.0.37

2013-05-03 00:00:00

Fixed in Apache Tomcat 7.0.33

2012-11-21 00:00:00

Fixed in Apache Tomcat 7.0.50

2014-01-08 00:00:00

openvas

Apache Tomcat 6.0.x < 6.0.37 Multiple Vulnerabilities - Linux

2021-10-29 00:00:00

Ubuntu: Security Advisory (USN-1841-1)

2013-05-31 00:00:00

Ubuntu Update for tomcat7 USN-1841-1

2013-05-31 00:00:00

atlassian

Upgrade bundled Tomcat due to security vulnerabilities

2013-05-21 04:29:40

Upgrade bundled Tomcat due to security vulnerabilities

2013-05-21 04:29:40

Upgrade bundled Tomcat to 6.0.37

2013-05-21 00:23:31

securityvulns

Apache Tomcat security vulnerabilities

2013-05-10 00:00:00

[SECURITY] CVE-2013-2067 Session fixation with FORM authenticator

2013-05-10 00:00:00

[SECURITY] CVE-2012-3544 Chunked transfer encoding extension size is not limited

2013-05-10 00:00:00

ubuntu

Tomcat vulnerabilities

2013-05-28 00:00:00

mageia

Updated tomcat6 packages fix multiple vulnerabilities and logging

2014-02-17 22:13:24

veracode

Session Fixation During Completion Of The Login Form

2019-01-15 08:55:05

github

Improper Authentication in Apache Tomcat

2022-05-14 01:10:35

Apache Tomcat Denial of Service vulnerability

2022-05-14 01:10:35

cve

CVE-2013-2067

2013-06-01 14:21:05

CVE-2012-3544

2013-06-01 14:21:05

CVE-2013-3544

2013-08-09 19:55:06

seebug

Apache Tomcat表单验证功能安全绕过漏洞

2013-06-06 00:00:00

Apache Tomcat 不完整修复拒绝服务漏洞

2014-02-27 00:00:00

HP Service Manager多个安全漏洞

2014-02-25 00:00:00

cvelist

CVE-2013-2067

2013-06-01 10:00:00

CVE-2012-3544

2013-06-01 10:00:00

CVE-2013-4322

2014-02-26 11:00:00

osv

Improper Authentication in Apache Tomcat

2022-05-14 01:10:35

tomcat7 - security update

2014-04-08 00:00:00

Apache Tomcat Denial of Service vulnerability

2022-05-14 01:10:35

redhat

(RHSA-2013:0964) Moderate: tomcat6 security update

2013-06-20 00:00:00

(RHSA-2013:1011) Moderate: Red Hat JBoss Web Server 2.0.1 update

2013-07-03 00:00:00

(RHSA-2013:1012) Moderate: Red Hat JBoss Web Server 2.0.1 update

2013-07-03 15:40:17

oraclelinux

tomcat6 security update

2013-06-20 00:00:00

ubuntucve

CVE-2013-2067

2013-05-10 00:00:00

CVE-2012-3544

2012-12-31 00:00:00

CVE-2013-4322

2014-02-26 00:00:00

prion

Session fixation

2013-06-01 14:21:00

Code injection

2013-06-01 14:21:00

Design/Logic Flaw

2013-08-09 19:55:00

centos

tomcat6 security update

2013-06-20 17:46:38

tomcat6 security update

2014-04-23 19:07:14

debiancve

CVE-2013-2067

2013-06-01 14:21:00

CVE-2012-3544

2013-06-01 14:21:00

CVE-2013-4322

2014-02-26 14:55:00

nvd

CVE-2013-2067

2013-06-01 14:21:05

CVE-2012-3544

2013-06-01 14:21:05

CVE-2013-3544

2013-08-09 19:55:06

checkpoint_advisories

Apache Tomcat Chunked Transfer Denial of Service - Ver 2 (CVE-2012-3544)

2013-11-10 00:00:00

K20038622 : Multiple Apache Tomcat vulnerabilities

2020-08-06 00:00:00

debian

[SECURITY] [DSA 2725-1] tomcat6 security update

2013-07-18 17:58:50

[SECURITY] [DSA 2897-1] tomcat7 security update

2014-04-08 18:25:14

ibm

Security Bulletin: Rational Test Control Panel in Rational Test Workbench and Rational Test Virtualization Server affected by Apache Tomcat vulnerablity (CVE-2013-4286, CVE-2013-4322, CVE-2013-4590)

2018-06-17 04:53:01

Security Bulletin: Apache Tomcat and FileUpload Vulnerabilities in IBM UrbanCode Deploy (CVE-2014-0050, CVE-2013-4286, CVE-2014-0033, CVE-2013-4322, CVE-2013-4590)

2018-06-17 22:31:44

Security Bulletin: Security vulnerabilities in Apache Tomcat for WebSphere Application Server Community Edition 2.1.1.6 and 3.0.0.4(CVE-2013-4286,CVE-2012-3544,CVE-2013-4322,CVE-2013-4590,CVE-2014-0033)

2018-06-15 07:01:06

amazon

Medium: tomcat6

2014-05-21 10:45:00

gentoo

Apache Tomcat: Multiple vulnerabilities

2014-12-15 00:00:00

oracle

Oracle Critical Patch Update - January 2014

2014-01-14 00:00:00

Oracle Critical Patch Update - July 2014

2014-07-15 00:00:00

Oracle Critical Patch Update - October 2016

2016-10-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.718

Percentile

98.1%

JSON

Related for 800783.PRM