Oval Definition:oval:org.mitre.oval:def:6450
Revision Date:2015-04-20Version:26
Title:HP-UX Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Unauthorized Access
Description:Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-0783
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX02466
  • HP-UX B.11.23
  • AND hpuxws22TOMCAT.TOMCAT version is less than B.5.5.27.03
  • OR Criteria meets HP Security Bulletin HPSBUX02466
  • HP-UX B.11.11
  • AND hpuxwsTOMCAT.TOMCAT version is less than B.5.5.27.03
  • OR Criteria meets HP Security Bulletin HPSBUX02466
  • HP-UX B.11.31
  • AND hpuxws22TOMCAT.TOMCAT version is less than B.5.5.27.03
    • BACK