OVAL Reference oval:org.mitre.oval:def:12517

Oval Definition:

oval:org.mitre.oval:def:12517

Revision Date:	2015-04-20	Version:	30
Title:	HP-UX Apache Web Server, Remote Information Disclosure, Cross-Site Scripting (XSS), Denial of Service (DoS)
Description:	Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attack.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2010-3718
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis
Criteria meets HP Security Bulletin HPSBUX02645 HP-UX B.11.23 AND hpuxws22TOMCAT.TOMCAT version is less than B.5.5.30.04 OR Criteria meets HP Security Bulletin HPSBUX02645 HP-UX B.11.31 AND filesets tests hpuxwsAPACHE.APACHE version is less than B.2.2.15.05 OR hpuxwsAPACHE.APACHE2 version is less than B.2.2.15.05 OR hpuxwsAPACHE.AUTH_LDAP version is less than B.2.2.15.05 OR hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.2.15.05 OR hpuxwsAPACHE.MOD_JK version is less than B.2.2.15.05 OR hpuxwsAPACHE.MOD_JK2 version is less than B.2.2.15.05 OR hpuxwsAPACHE.MOD_PERL version is less than B.2.2.15.05 OR hpuxwsAPACHE.MOD_PERL2 version is less than B.2.2.15.05 OR hpuxwsAPACHE.PHP version is less than B.2.2.15.05 OR hpuxwsAPACHE.WEBPROXY version is less than B.2.2.15.05 OR hpuxwsAPACHE.PHP2 version is less than B.2.2.15.05 OR Criteria meets HP Security Bulletin HPSBUX02645 HP-UX B.11.11 AND hpuxws22TOMCAT.TOMCAT version is less than B.5.5.30.04 OR Criteria meets HP Security Bulletin HPSBUX02645 HP-UX B.11.23 AND filesets tests hpuxwsAPCH32.APACHE version is less than B.2.0.64.01 OR hpuxwsAPCH32.APACHE2 version is less than B.2.0.64.01 OR hpuxwsAPCH32.AUTH_LDAP version is less than B.2.0.64.01 OR hpuxwsAPCH32.AUTH_LDAP2 version is less than B.2.0.64.01 OR hpuxwsAPCH32.MOD_JK version is less than B.2.0.64.01 OR hpuxwsAPCH32.MOD_JK2 version is less than B.2.0.64.01 OR hpuxwsAPCH32.MOD_PERL version is less than B.2.0.64.01 OR hpuxwsAPCH32.MOD_PERL2 version is less than B.2.0.64.01 OR hpuxwsAPCH32.PHP version is less than B.2.0.64.01 OR hpuxwsAPCH32.WEBPROXY version is less than B.2.0.64.01 OR hpuxwsAPCH32.PHP2 version is less than B.2.0.64.01 OR Criteria meets HP Security Bulletin HPSBUX02645 HP-UX B.11.31 AND hpuxws22TOMCAT.TOMCAT version is less than B.5.5.30.04 OR Criteria meets HP Security Bulletin HPSBUX02645 HP-UX B.11.11 AND filesets tests hpuxwsAPACHE.APACHE version is less than B.2.0.64.01 OR hpuxwsAPACHE.APACHE2 version is less than B.2.0.64.01 OR hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.64.01 OR hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.64.01 OR hpuxwsAPACHE.MOD_JK version is less than B.2.0.64.01 OR hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.64.01 OR hpuxwsAPACHE.MOD_PERL version is less than B.2.0.64.01 OR hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.64.01 OR hpuxwsAPACHE.WEBPROXY version is less than B.2.0.64.01 OR hpuxwsAPACHE.PHP version is less than B.2.0.64.01 OR hpuxwsAPACHE.PHP2 version is less than B.2.0.64.01 OR Criteria meets HP Security Bulletin HPSBUX02645 HP-UX B.11.23 AND filesets tests hpuxwsAPACHE.APACHE version is less than B.2.2.15.05 OR hpuxwsAPACHE.APACHE2 version is less than B.2.2.15.05 OR hpuxwsAPACHE.AUTH_LDAP version is less than B.2.2.15.05 OR hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.2.15.05 OR hpuxwsAPACHE.MOD_JK version is less than B.2.2.15.05 OR hpuxwsAPACHE.MOD_JK2 version is less than B.2.2.15.05 OR hpuxwsAPACHE.MOD_PERL version is less than B.2.2.15.05 OR hpuxwsAPACHE.MOD_PERL2 version is less than B.2.2.15.05 OR hpuxwsAPACHE.WEBPROXY version is less than B.2.2.15.05 OR hpuxwsAPACHE.PHP version is less than B.2.2.15.05 OR hpuxwsAPACHE.PHP2 version is less than B.2.2.15.05 OR Criteria meets HP Security Bulletin HPSBUX02645 HP-UX B.11.31 AND filesets tests hpuxwsAPCH32.APACHE version is less than B.2.0.64.01 OR hpuxwsAPCH32.APACHE2 version is less than B.2.0.64.01 OR hpuxwsAPCH32.AUTH_LDAP version is less than B.2.0.64.01 OR hpuxwsAPCH32.AUTH_LDAP2 version is less than B.2.0.64.01 OR hpuxwsAPCH32.MOD_JK version is less than B.2.0.64.01 OR hpuxwsAPCH32.MOD_JK2 version is less than B.2.0.64.01 OR hpuxwsAPCH32.MOD_PERL version is less than B.2.0.64.01 OR hpuxwsAPCH32.MOD_PERL2 version is less than B.2.0.64.01 OR hpuxwsAPCH32.WEBPROXY version is less than B.2.0.64.01 OR hpuxwsAPCH32.PHP version is less than B.2.0.64.01 OR hpuxwsAPCH32.PHP2 version is less than B.2.0.64.01

BACK