Oval Definition: oval:org.opensuse.security:def:20104172
Revision Date: 2022-05-20
Version: 1
Title: CVE-2010-4172
Description:

Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to sessionsList.jsp, or unspecified input to (3) sessionDetail.jsp or (4) java/org/apache/catalina/manager/JspHelper.java, related to use of untrusted web applications.
Family: unix
Class: vulnerability
Status:
Reference(s): CVE-2010-4172
Mitre CVE-2010-4172
SUSE CVE-2010-4172
openSUSE-SU-2011:0082-1
openSUSE-SU-2011:0082-2
SUSE-SR:2011:003
Platform(s): openSUSE 11.2
openSUSE 11.3
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP1
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • tomcat6-6.0.18-20.35.40.1 is installed
  • OR tomcat6-admin-webapps-6.0.18-20.35.40.1 is installed
  • OR tomcat6-docs-webapp-6.0.18-20.35.40.1 is installed
  • OR tomcat6-javadoc-6.0.18-20.35.40.1 is installed
  • OR tomcat6-jsp-2_1-api-6.0.18-20.35.40.1 is installed
  • OR tomcat6-lib-6.0.18-20.35.40.1 is installed
  • OR tomcat6-servlet-2_5-api-6.0.18-20.35.40.1 is installed
  • OR tomcat6-webapps-6.0.18-20.35.40.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • tomcat6-6.0.41-0.43.1 is installed
  • OR tomcat6-admin-webapps-6.0.41-0.43.1 is installed
  • OR tomcat6-docs-webapp-6.0.41-0.43.1 is installed
  • OR tomcat6-javadoc-6.0.41-0.43.1 is installed
  • OR tomcat6-jsp-2_1-api-6.0.41-0.43.1 is installed
  • OR tomcat6-lib-6.0.41-0.43.1 is installed
  • OR tomcat6-servlet-2_5-api-6.0.41-0.43.1 is installed
  • OR tomcat6-webapps-6.0.41-0.43.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND Package Information
  • tomcat6-6.0.18-20.35.40 is installed
  • OR tomcat6-admin-webapps-6.0.18-20.35.40 is installed
  • OR tomcat6-docs-webapp-6.0.18-20.35.40 is installed
  • OR tomcat6-javadoc-6.0.18-20.35.40 is installed
  • OR tomcat6-jsp-2_1-api-6.0.18-20.35.40 is installed
  • OR tomcat6-lib-6.0.18-20.35.40 is installed
  • OR tomcat6-servlet-2_5-api-6.0.18-20.35.40 is installed
  • OR tomcat6-webapps-6.0.18-20.35.40 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND
  • tomcat6-6.0.18-20.35.36.1 is installed
  • OR tomcat6-admin-webapps-6.0.18-20.35.36.1 is installed
  • OR tomcat6-docs-webapp-6.0.18-20.35.36.1 is installed
  • OR tomcat6-javadoc-6.0.18-20.35.36.1 is installed
  • OR tomcat6-jsp-2_1-api-6.0.18-20.35.36.1 is installed
  • OR tomcat6-lib-6.0.18-20.35.36.1 is installed
  • OR tomcat6-servlet-2_5-api-6.0.18-20.35.36.1 is installed
  • OR tomcat6-webapps-6.0.18-20.35.36.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • tomcat6-6.0.18-20.35.40.1 is installed
  • OR tomcat6-admin-webapps-6.0.18-20.35.40.1 is installed
  • OR tomcat6-docs-webapp-6.0.18-20.35.40.1 is installed
  • OR tomcat6-javadoc-6.0.18-20.35.40.1 is installed
  • OR tomcat6-jsp-2_1-api-6.0.18-20.35.40.1 is installed
  • OR tomcat6-lib-6.0.18-20.35.40.1 is installed
  • OR tomcat6-servlet-2_5-api-6.0.18-20.35.40.1 is installed
  • OR tomcat6-webapps-6.0.18-20.35.40.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • tomcat6-6.0.41-0.43.1 is installed
  • OR tomcat6-admin-webapps-6.0.41-0.43.1 is installed
  • OR tomcat6-docs-webapp-6.0.41-0.43.1 is installed
  • OR tomcat6-javadoc-6.0.41-0.43.1 is installed
  • OR tomcat6-jsp-2_1-api-6.0.41-0.43.1 is installed
  • OR tomcat6-lib-6.0.41-0.43.1 is installed
  • OR tomcat6-servlet-2_5-api-6.0.41-0.43.1 is installed
  • OR tomcat6-webapps-6.0.41-0.43.1 is installed
  • Definition Synopsis
  • Release Information
  • sle11-sp1-sdk is installed
  • AND
  • tomcat6-admin-webapps less than 6.0.18-20.18.1
  • OR tomcat6-docs-webapp less than 6.0.18-20.18.1
  • OR tomcat6-javadoc less than 6.0.18-20.18.1
  • OR tomcat6-jsp-2_1-api less than 6.0.18-20.18.1
  • OR tomcat6-lib less than 6.0.18-20.18.1
  • OR tomcat6-servlet-2_5-api less than 6.0.18-20.18.1
  • OR tomcat6-webapps less than 6.0.18-20.18.1
  • OR tomcat6 less than 6.0.18-20.18.1
  • OR Package Information
  • suse112 is installed
  • tomcat6-admin-webapps less than 6.0.20-24.27.2
  • OR tomcat6-docs-webapp less than 6.0.20-24.27.2
  • OR tomcat6-javadoc less than 6.0.20-24.27.2
  • OR tomcat6-jsp-2_1-api less than 6.0.20-24.27.2
  • OR tomcat6-lib less than 6.0.20-24.27.2
  • OR tomcat6-servlet-2_5-api less than 6.0.20-24.27.2
  • OR tomcat6-webapps less than 6.0.20-24.27.2
  • OR tomcat6 less than 6.0.20-24.27.2
  • OR
  • suse113 is installed
  • tomcat6-admin-webapps less than 6.0.24-5.8.2
  • OR tomcat6-docs-webapp less than 6.0.24-5.8.2
  • OR tomcat6-el-1_0-api less than 6.0.24-5.8.2
  • OR tomcat6-javadoc less than 6.0.24-5.8.2
  • OR tomcat6-jsp-2_1-api less than 6.0.24-5.8.2
  • OR tomcat6-lib less than 6.0.24-5.8.2
  • OR tomcat6-servlet-2_5-api less than 6.0.24-5.8.2
  • OR tomcat6-webapps less than 6.0.24-5.8.2
  • OR tomcat6 less than 6.0.24-5.8.2
  • OR Package Information
  • suse112 is installed
  • AND
  • tomcat6-admin-webapps less than 6.0.20-24.31.1
  • OR tomcat6-docs-webapp less than 6.0.20-24.31.1
  • OR tomcat6-javadoc less than 6.0.20-24.31.1
  • OR tomcat6-jsp-2_1-api less than 6.0.20-24.31.1
  • OR tomcat6-lib less than 6.0.20-24.31.1
  • OR tomcat6-servlet-2_5-api less than 6.0.20-24.31.1
  • OR tomcat6-webapps less than 6.0.20-24.31.1
  • OR tomcat6 less than 6.0.20-24.31.1