Oval Definition:oval:org.mitre.oval:def:28407
Revision Date:2015-08-17Version:9
Title:RHSA-2008:0648 -- tomcat security update (Important)
Description:Updated tomcat packages that fix several security issues are now availablefor Red Hat Enterprise Linux 5.This update has been rated as having important security impact by the RedHat Security Response Team.Apache Tomcat is a servlet container for the Java Servlet and JavaServerPages (JSP) technologies.A cross-site scripting vulnerability was discovered in theHttpServletResponse.sendErrormethod. A remote attacker could injectarbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2008:0648-CentOS 5
CVE-2008-1232
CVE-2008-1947
CVE-2008-2370
CVE-2008-2938
RHSA-2008:0648
Platform(s):CentOS Linux 5
Red Hat Enterprise Linux 5
Product(s):tomcat5
Definition Synopsis
  • Operation system section
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages match section
  • tomcat5 is earlier than 0:5.5.23-0jpp.7.el5_2.1
  • OR tomcat5-admin-webapps is earlier than 0:5.5.23-0jpp.7.el5_2.1
  • OR tomcat5-common-lib is earlier than 0:5.5.23-0jpp.7.el5_2.1
  • OR tomcat5-jasper is earlier than 0:5.5.23-0jpp.7.el5_2.1
  • OR tomcat5-jasper-javadoc is earlier than 0:5.5.23-0jpp.7.el5_2.1
  • OR tomcat5-jsp-2.0-api-javadoc is earlier than 0:5.5.23-0jpp.7.el5_2.1
  • OR tomcat5-server-lib is earlier than 0:5.5.23-0jpp.7.el5_2.1
  • OR tomcat5-servlet-2.4-api-javadoc is earlier than 0:5.5.23-0jpp.7.el5_2.1
  • OR tomcat5-webapps is earlier than 0:5.5.23-0jpp.7.el5_2.1
  • OR tomcat5-jsp-2.0-api is earlier than 0:5.5.23-0jpp.7.el5_2.1
  • OR tomcat5-servlet-2.4-api is earlier than 0:5.5.23-0jpp.7.el5_2.1
    • BACK