Oval Definition:oval:org.opensuse.security:def:20072450
Revision Date:2015-11-16Version:1
Title:CVE-2007-2450
Description:
Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote authenticated users to inject arbitrary web script or HTML via a parameter name to manager/html/upload, and other unspecified vectors.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2007-2450
Platform(s):Novell Linux Desktop 9 SDK for x86
Novell Linux Desktop 9 SDK for x86_64
Open Enterprise Server
openSUSE 10.3
SUSE LINUX 10.1
Product(s):
Definition Synopsis
  • Release Information
  • sles9-nld-sdk is installed
  • AND jakarta-tomcat less than 5.0.19-29.13
  • OR
  • sles9-oes is installed
  • apache-jakarta-tomcat-connectors less than 5.0.19-29.13
  • OR apache2-jakarta-tomcat-connectors less than 5.0.19-29.13
  • OR jakarta-tomcat-doc less than 5.0.19-29.13
  • OR jakarta-tomcat-examples less than 5.0.19-29.13
  • OR jakarta-tomcat less than 5.0.19-29.13
  • OR Package Information
  • suse101 is installed
  • AND
  • tomcat5-admin-webapps less than 5.0.30-27.26
  • OR tomcat5-webapps less than 5.0.30-27.26
  • OR tomcat5 less than 5.0.30-27.26
    • BACK