Oval Definition:oval:org.mitre.oval:def:23331
Revision Date:2014-05-26Version:20
Title:ELSA-2012:0474: tomcat5 security update (Moderate)
Description:Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2011-4858
CVE-2012-0022
ELSA-2012:0474-03
Platform(s):Oracle Linux 5
Product(s):tomcat5
Definition Synopsis
  • Oracle Linux 5.x
  • AND rpm test
  • tomcat5-webapps is earlier than 0:5.5.23-0jpp.31.el5_8
  • OR tomcat5-jasper-javadoc is earlier than 0:5.5.23-0jpp.31.el5_8
  • OR tomcat5-jsp-2.0-api is earlier than 0:5.5.23-0jpp.31.el5_8
  • OR tomcat5-servlet-2.4-api is earlier than 0:5.5.23-0jpp.31.el5_8
  • OR tomcat5-server-lib is earlier than 0:5.5.23-0jpp.31.el5_8
  • OR tomcat5-common-lib is earlier than 0:5.5.23-0jpp.31.el5_8
  • OR tomcat5-jsp-2.0-api-javadoc is earlier than 0:5.5.23-0jpp.31.el5_8
  • OR tomcat5-jasper is earlier than 0:5.5.23-0jpp.31.el5_8
  • OR tomcat5-admin-webapps is earlier than 0:5.5.23-0jpp.31.el5_8
  • OR tomcat5-servlet-2.4-api-javadoc is earlier than 0:5.5.23-0jpp.31.el5_8
  • OR tomcat5 is earlier than 0:5.5.23-0jpp.31.el5_8
    • BACK