| Revision Date: | 2015-04-20 | Version: | 25 | | Title: | HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS) | | Description: | Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.23, and 6.0.0 through 6.0.10 allow remote attackers to inject arbitrary web script or HTML via the test parameter and unspecified vectors. | | Family: | unix | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2007-1355
| | Platform(s): | HP-UX 11
| Product(s): | | | Definition Synopsis | | Criteria meets HP Security Bulletin HPSBUX02262 platforms
HP-UX B.11.23
OR HP-UX B.11.31
OR HP-UX B.11.11
AND hpuxwsAPACHE version is less than B.2.0.59.00
OR Criteria meets HP Security Bulletin HPSBUX02262
HP-UX B.11.11
AND hpuxwsAPACHE version is less than A.2.0.59.00
|
|