Oval Definition:oval:org.opensuse.security:def:201712616
Revision Date:2022-05-22Version:1
Title:CVE-2017-12616
Description:

When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-12616
SUSE-SU-2017:3059-1
Mitre CVE-2017-12616
SUSE CVE-2017-12616
SUSE-SU-2017:3059-1
Platform(s):SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for SAP Applications 12-LTSS
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND Package Information
  • tomcat-7.0.82-7.16 is installed
  • OR tomcat-admin-webapps-7.0.82-7.16 is installed
  • OR tomcat-docs-webapp-7.0.82-7.16 is installed
  • OR tomcat-el-2_2-api-7.0.82-7.16 is installed
  • OR tomcat-javadoc-7.0.82-7.16 is installed
  • OR tomcat-jsp-2_2-api-7.0.82-7.16 is installed
  • OR tomcat-lib-7.0.82-7.16 is installed
  • OR tomcat-servlet-3_0-api-7.0.82-7.16 is installed
  • OR tomcat-webapps-7.0.82-7.16 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12-LTSS is installed
  • AND Package Information
  • tomcat-7.0.82-7.16 is installed
  • OR tomcat-admin-webapps-7.0.82-7.16 is installed
  • OR tomcat-docs-webapp-7.0.82-7.16 is installed
  • OR tomcat-el-2_2-api-7.0.82-7.16 is installed
  • OR tomcat-javadoc-7.0.82-7.16 is installed
  • OR tomcat-jsp-2_2-api-7.0.82-7.16 is installed
  • OR tomcat-lib-7.0.82-7.16 is installed
  • OR tomcat-servlet-3_0-api-7.0.82-7.16 is installed
  • OR tomcat-webapps-7.0.82-7.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND tomcat6 is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • OR SUSE Linux Enterprise Server 12 SP3 is installed
  • AND tomcat is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND
  • tomcat-7.0.82-7.16.1 is installed
  • OR tomcat-admin-webapps-7.0.82-7.16.1 is installed
  • OR tomcat-docs-webapp-7.0.82-7.16.1 is installed
  • OR tomcat-el-2_2-api-7.0.82-7.16.1 is installed
  • OR tomcat-javadoc-7.0.82-7.16.1 is installed
  • OR tomcat-jsp-2_2-api-7.0.82-7.16.1 is installed
  • OR tomcat-lib-7.0.82-7.16.1 is installed
  • OR tomcat-servlet-3_0-api-7.0.82-7.16.1 is installed
  • OR tomcat-webapps-7.0.82-7.16.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND tomcat is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND tomcat is not affected
    • BACK