Oval Definition:oval:org.mitre.oval:def:21312
Revision Date:2014-02-24Version:35
Title:RHSA-2012:0475: tomcat6 security update (Moderate)
Description:Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2012:0475
CVE-2011-4858
CVE-2012-0022
RHSA-2012:0475-03
Platform(s):CentOS Linux 6
Red Hat Enterprise Linux 6
Product(s):tomcat6
Definition Synopsis
  • Redhat 6 or Centos 6 release
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • OR The operating system installed on the system is CentOS Linux 6.x
  • AND Packages section
  • tomcat6-webapps is earlier than 0:6.0.24-36.el6_2
  • OR tomcat6-lib is earlier than 0:6.0.24-36.el6_2
  • OR tomcat6-jsp-2.1-api is earlier than 0:6.0.24-36.el6_2
  • OR tomcat6-docs-webapp is earlier than 0:6.0.24-36.el6_2
  • OR tomcat6-javadoc is earlier than 0:6.0.24-36.el6_2
  • OR tomcat6-el-2.1-api is earlier than 0:6.0.24-36.el6_2
  • OR tomcat6-admin-webapps is earlier than 0:6.0.24-36.el6_2
  • OR tomcat6-servlet-2.5-api is earlier than 0:6.0.24-36.el6_2
  • OR tomcat6 is earlier than 0:6.0.24-36.el6_2
    • BACK