Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
tomcatApache TomcatTOMCAT:3C400C905C414CA6871D3DB41AFC2979
HistoryApr 18, 2007 - 12:00 a.m.

Fixed in Apache Tomcat 5.5.18, 5.0.SVN

2007-04-1800:00:00
Apache Tomcat
tomcat.apache.org
21

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.016

Percentile

87.6%

JSON

Moderate: Cross-site scripting CVE-2006-7195

The implicit-objects.jsp in the examples webapp displayed a number of unfiltered header values. This enabled a XSS attack. These values are now filtered.

Affects: 5.0.0-5.0.30, 5.5.0-5.5.17

Affected configurations

Vulners
Node
apachetomcatRange5.0.0
OR
apachetomcatRange5.0.30
OR
apachetomcatRange5.5.0
OR
apachetomcatRange5.5.17
VendorProductVersionCPE
apachetomcat*cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*

Related

nvd 1
osv 1
nessus 9
cve 1
github 1
cvelist 1
ubuntucve 1
redhat 5
vmware 2
centos 1
oraclelinux 1
openvas 4
securityvulns 1
nvd
nvd
CVE-2006-7195
2007-05-10 00:19:00
osv
osv
Apache Tomcat XSS Vulnerability
2022-05-01 07:45:38
nessus
nessus
Apache Tomcat Implicit Objects XSS
2010-07-09 00:00:00
SuSE 10 Security Update : Geronimo (ZYPP Patch Number 4864)
2008-01-10 00:00:00
Oracle Linux 5 : tomcat (ELSA-2007-0327)
2013-07-12 00:00:00
cve
cve
CVE-2006-7195
2007-05-10 00:19:00
github
github
Apache Tomcat XSS Vulnerability
2022-05-01 07:45:38
cvelist
cvelist
CVE-2006-7195
2007-05-09 22:00:00
ubuntucve
ubuntucve
CVE-2006-7195
2007-05-10 00:00:00
redhat
redhat
(RHSA-2007:0328) Important: tomcat security update
2007-05-24 00:00:00
(RHSA-2007:0327) Important: tomcat security update
2007-05-14 00:00:00
(RHSA-2007:0326) Important: tomcat security update
2007-05-21 00:00:00
vmware
vmware
Updated Tomcat and Java JRE packages for VirtualCenter 2.5, VirtualCenter 2.0.2, ESX 3.5, ESX 3.0.2, and ESX 3.0.1.
2008-01-07 00:00:00
Updated Tomcat and Java JRE packages for VirtualCenter 2.5, VirtualCenter 2.0.2, ESX 3.5, ESX 3.0.2, and ESX 3.0.1.
2008-01-07 00:00:00
centos
centos
jakarta, tomcat5 security update
2007-05-14 22:49:09
oraclelinux
oraclelinux
Important: tomcat security update
2007-06-26 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2007-0327)
2015-10-08 00:00:00
Ubuntu USN-711-1 (ktorrent)
2009-02-02 00:00:00
Ubuntu USN-712-1 (vim)
2009-02-02 00:00:00
securityvulns
securityvulns
CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)
2009-01-28 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.016

Percentile

87.6%

JSON
Related for TOMCAT:3C400C905C414CA6871D3DB41AFC2979
nvd1osv1nessus9cve1github1cvelist1ubuntucve1redhat5vmware2centos1oraclelinux1openvas4securityvulns1