Oval Definition:oval:org.opensuse.security:def:20073382
Revision Date:2015-11-16Version:1
Title:CVE-2007-3382
Description:
Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2007-3382
Platform(s):Novell Linux Desktop 9 SDK for x86
Novell Linux Desktop 9 SDK for x86_64
Open Enterprise Server
openSUSE 10.3
SUSE LINUX 10.1
Product(s):
Definition Synopsis
  • Release Information
  • sles9-nld-sdk is installed
  • AND jakarta-tomcat less than 5.0.19-29.11
  • OR
  • sles9-oes is installed
  • apache-jakarta-tomcat-connectors less than 5.0.19-29.11
  • OR apache2-jakarta-tomcat-connectors less than 5.0.19-29.11
  • OR jakarta-tomcat-doc less than 5.0.19-29.11
  • OR jakarta-tomcat-examples less than 5.0.19-29.11
  • OR jakarta-tomcat less than 5.0.19-29.11
  • OR Package Information
  • suse101 is installed
  • AND
  • mod_jk-ap20 less than 4.1.30-0.2
  • OR tomcat5-admin-webapps less than 5.0.30-27.21
  • OR tomcat5-webapps less than 5.0.30-27.21
  • OR tomcat5 less than 5.0.30-27.21
    • BACK