Oval Definition:oval:org.mitre.oval:def:13494
Revision Date:2014-06-30Version:19
Title:USN-1048-1 -- tomcat6 vulnerability
Description:It was discovered that Tomcat did not properly escape certain parameters in the Manager application which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2010-4172
USN-1048-1
USN-1048-1
Platform(s):Ubuntu 10.04
Ubuntu 10.10
Ubuntu 9.10
Product(s):tomcat6
Definition Synopsis
  • Release section
  • Ubuntu 10.10 is installed
  • AND Installed architecture is all
  • AND Packages section
  • libservlet2.5-java DPKG is earlier than 6.0.28-2ubuntu1.1
  • OR libtomcat6-java DPKG is earlier than 6.0.28-2ubuntu1.1
  • OR tomcat6-docs DPKG is earlier than 6.0.28-2ubuntu1.1
  • OR libservlet2.5-java-doc DPKG is earlier than 6.0.28-2ubuntu1.1
  • OR tomcat6 DPKG is earlier than 6.0.28-2ubuntu1.1
  • OR tomcat6-admin DPKG is earlier than 6.0.28-2ubuntu1.1
  • OR tomcat6-common DPKG is earlier than 6.0.28-2ubuntu1.1
  • OR tomcat6-user DPKG is earlier than 6.0.28-2ubuntu1.1
  • OR tomcat6-examples DPKG is earlier than 6.0.28-2ubuntu1.1
  • OR Release section
  • Ubuntu 9.10 is installed
  • AND Installed architecture is all
  • AND Packages section
  • libservlet2.5-java DPKG is earlier than 6.0.20-2ubuntu2.3
  • OR libtomcat6-java DPKG is earlier than 6.0.20-2ubuntu2.3
  • OR tomcat6-docs DPKG is earlier than 6.0.20-2ubuntu2.3
  • OR libservlet2.5-java-doc DPKG is earlier than 6.0.20-2ubuntu2.3
  • OR tomcat6 DPKG is earlier than 6.0.20-2ubuntu2.3
  • OR tomcat6-admin DPKG is earlier than 6.0.20-2ubuntu2.3
  • OR tomcat6-common DPKG is earlier than 6.0.20-2ubuntu2.3
  • OR tomcat6-user DPKG is earlier than 6.0.20-2ubuntu2.3
  • OR tomcat6-examples DPKG is earlier than 6.0.20-2ubuntu2.3
  • OR Release section
  • Ubuntu 10.04 is installed
  • AND Installed architecture is all
  • AND Packages section
  • libservlet2.5-java DPKG is earlier than 6.0.24-2ubuntu1.6
  • OR libtomcat6-java DPKG is earlier than 6.0.24-2ubuntu1.6
  • OR tomcat6-docs DPKG is earlier than 6.0.24-2ubuntu1.6
  • OR libservlet2.5-java-doc DPKG is earlier than 6.0.24-2ubuntu1.6
  • OR tomcat6 DPKG is earlier than 6.0.24-2ubuntu1.6
  • OR tomcat6-admin DPKG is earlier than 6.0.24-2ubuntu1.6
  • OR tomcat6-common DPKG is earlier than 6.0.24-2ubuntu1.6
  • OR tomcat6-user DPKG is earlier than 6.0.24-2ubuntu1.6
  • OR tomcat6-examples DPKG is earlier than 6.0.24-2ubuntu1.6
    • BACK