Oval Definition:oval:org.mitre.oval:def:22687
Revision Date:2014-05-26Version:20
Title:ELSA-2007:0569: tomcat security update (Moderate)
Description:Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote authenticated users to inject arbitrary web script or HTML via a parameter name to manager/html/upload, and other unspecified vectors.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2007-2449
CVE-2007-2450
ELSA-2007:0569-01
Platform(s):Oracle Linux 5
Product(s):tomcat5
Definition Synopsis
  • Oracle Linux 5.x
  • AND rpm test
  • tomcat5-servlet-2.4-api is earlier than 0:5.5.23-0jpp.1.0.4.el5
  • OR tomcat5-admin-webapps is earlier than 0:5.5.23-0jpp.1.0.4.el5
  • OR tomcat5-jsp-2.0-api is earlier than 0:5.5.23-0jpp.1.0.4.el5
  • OR tomcat5-servlet-2.4-api-javadoc is earlier than 0:5.5.23-0jpp.1.0.4.el5
  • OR tomcat5-server-lib is earlier than 0:5.5.23-0jpp.1.0.4.el5
  • OR tomcat5-jasper is earlier than 0:5.5.23-0jpp.1.0.4.el5
  • OR tomcat5-jsp-2.0-api-javadoc is earlier than 0:5.5.23-0jpp.1.0.4.el5
  • OR tomcat5-common-lib is earlier than 0:5.5.23-0jpp.1.0.4.el5
  • OR tomcat5-jasper-javadoc is earlier than 0:5.5.23-0jpp.1.0.4.el5
  • OR tomcat5-webapps is earlier than 0:5.5.23-0jpp.1.0.4.el5
  • OR tomcat5 is earlier than 0:5.5.23-0jpp.1.0.4.el5
    • BACK