Vulnerability Name:

CVE-2007-1358 (CCN-34210)

Assigned:2007-05-10
Published:2007-05-10
Updated:2019-03-25
Summary:Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
CVSS v3 Severity:3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availability (A): None
CVSS v2 Severity:2.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
2.2 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N)
2.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
Vulnerability Type:CWE-79
Vulnerability Consequences:Gain Access
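The summary above describes the root cause as applications that assume the Accept-Language header conforms to RFC 2616 and reflect it when it does not. The following is an added example written for this page, not Tomcat's code and not taken from any of the advisories listed below: it encodes the RFC 2616 section 14.4 grammar for the header, shows the reflecting pattern that turns a malformed value into an XSS sink, and shows the hardened form. The function names and the probe header values are constructed for illustration.

```python
import html
import re

# RFC 2616 section 14.4 grammar for one Accept-Language element, as a regex.
# This is an added example, not Tomcat code:
#   language-range = ( 1*8ALPHA *( "-" 1*8ALPHA ) ) | "*"
#   qvalue         = ( "0" [ "." 0*3DIGIT ] ) | ( "1" [ "." 0*3("0") ] )
_LANG_RANGE = r"(?:\*|[A-Za-z]{1,8}(?:-[A-Za-z]{1,8})*)"
_QVALUE = r"(?:0(?:\.[0-9]{0,3})?|1(?:\.0{0,3})?)"
_ELEMENT = re.compile(r"^" + _LANG_RANGE + r"(?:\s*;\s*q\s*=\s*" + _QVALUE + r")?$")

# Constructed probe values (not from any advisory): one well-formed header and
# one that a tester would send to see whether the application reflects it.
GOOD_HEADER = "en-US,en;q=0.8"
CRAFTED_HEADER = '<script>alert("Accept-Language")</script>'


def parse_accept_language(value):
    """Return [(language_range, qvalue), ...] in header order, or raise
    ValueError when any element violates the RFC 2616 grammar.  Empty list
    elements are skipped, which the HTTP #rule allows."""
    parsed = []
    for element in value.split(","):
        element = element.strip()
        if not element:
            continue
        if not _ELEMENT.match(element):
            raise ValueError("Accept-Language element does not conform to RFC 2616")
        lang, _, params = element.partition(";")
        qvalue = float(params.split("=", 1)[1]) if params else 1.0
        parsed.append((lang.strip(), qvalue))
    return parsed


def render_unsafe(header):
    """The pattern behind CVE-2007-1358: the page assumes the header is
    well-formed and, when it is not, reflects the raw value into HTML."""
    try:
        langs = parse_accept_language(header)
    except ValueError:
        return "<p>Bad Accept-Language: " + header + "</p>"   # XSS sink
    return "<p>Languages: " + ", ".join(lang for lang, _ in langs) + "</p>"


def render_safe(header):
    """Hardened form: validate first, never echo the rejected value, and
    HTML-escape even the validated output as defence in depth."""
    try:
        langs = parse_accept_language(header)
    except ValueError:
        return "<p>Bad Accept-Language header</p>"
    return "<p>Languages: " + html.escape(", ".join(lang for lang, _ in langs)) + "</p>"


if __name__ == "__main__":
    for header in (GOOD_HEADER, CRAFTED_HEADER):
        print(repr(header))
        print("  unsafe:", render_unsafe(header))
        print("  safe:  ", render_safe(header))
```

Two points worth noting when using this as a check. First, most browsers will not let a page script set Accept-Language, so the attack complexity is rated High; the test is still worth running because proxies, embedded clients and scripted requests can send any value. Second, the validated output only ever contains letters, hyphens and `*`, so escaping it is redundant in this function, but keeping the escape means a later change to the grammar cannot silently reopen the sink.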
References:Source: CONFIRM
Type: UNKNOWN
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

Source: CCN
Type: CA Security Response Blog, Jan 23 2009, 06:04 PM
CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities

Source: MITRE
Type: CNA
CVE-2007-1358

Source: CCN
Type: Apple Security Update 2007-007
About Security Update 2007-007

Source: CONFIRM
Type: UNKNOWN
http://docs.info.apple.com/article.html?artnum=306172

Source: CCN
Type: Apple Web site
Apple security updates

Source: CCN
Type: HP Security Bulletin HPSBUX02262 SSRT071447
HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)

Source: HP
Type: UNKNOWN
SSRT071447

Source: JVN
Type: UNKNOWN
JVN#16535199

Source: APPLE
Type: UNKNOWN
APPLE-SA-2007-07-31

Source: OSVDB
Type: UNKNOWN
34881

Source: CCN
Type: RHSA-2007-0326
Important: tomcat security update

Source: CCN
Type: RHSA-2007-0327
Important: tomcat security update

Source: CCN
Type: RHSA-2007-0328
Important: tomcat security update

Source: CCN
Type: RHSA-2007-0360
Important: jbossas security update

Source: CCN
Type: RHSA-2007-0876
Moderate: tomcat security update

Source: CCN
Type: RHSA-2008-0261
Moderate: Red Hat Network Satellite Server security update

Source: CCN
Type: RHSA-2008-0524
Low: Red Hat Network Satellite Server security update

Source: CCN
Type: RHSA-2008-0630
Low: Red Hat Network Satellite Server security update

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0630

Source: CCN
Type: RHSA-2010-0602
Moderate: Red Hat Certificate System 7.3 security update

Source: CCN
Type: SA25721
Apache Tomcat Accept-Language Header Cross-Site Scripting

Source: SECUNIA
Type: Vendor Advisory
25721

Source: CCN
Type: SA26235
Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
26235

Source: CCN
Type: SA26660
Interstage Application Server Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
26660

Source: SECUNIA
Type: Vendor Advisory
27037

Source: SECUNIA
Type: Vendor Advisory
27727

Source: CCN
Type: SA30899
Sun Solaris 9 Tomcat Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
30899

Source: CCN
Type: SA30908
Sun Solaris 10 Tomcat Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
30908

Source: SECUNIA
Type: Vendor Advisory
31493

Source: CCN
Type: SA33668
CA Cohesion Application Configuration Manager Apache Tomcat Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
33668

Source: CCN
Type: SECTRACK ID: 1018269
Apache Tomcat Input Validation Hole in Processing Accept-Language Header Permits Cross-Site Scripting Attacks

Source: SUNALERT
Type: UNKNOWN
239312

Source: CCN
Type: Sun Alert ID: 239312
Security Vulnerabilities in Tomcat 4.0 Shipped with Solaris 9 and 10

Source: CCN
Type: ASA-2007-416
HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS) (HPSBUX02262)

Source: CCN
Type: ASA-2007-427
tomcat security update (RHSA-2007-0876)

Source: CCN
Type: ASA-2008-293
Security Vulnerabilities in Tomcat 4.0 Shipped with Solaris 9 and 10 (Sun 239312)

Source: CONFIRM
Type: UNKNOWN
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

Source: CCN
Type: Apache Tomcat Web site
Apache Tomcat 4.x vulnerabilities

Source: CONFIRM
Type: Vendor Advisory
http://tomcat.apache.org/security-4.html

Source: CCN
Type: FUJITSU Web site
Cross-site scripting (XSS) vulnerabilities in Interstage Application Server(CVE-2007-1358). September 6th, 2007

Source: CONFIRM
Type: UNKNOWN
http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html

Source: CCN
Type: OSVDB ID: 34881
Apache Tomcat Malformed Accept-Language Header XSS

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0261

Source: BUGTRAQ
Type: UNKNOWN
20070618 [CVE-2007-1358] Apache Tomcat XSS vulnerability in Accept-Language header processing

Source: BUGTRAQ
Type: UNKNOWN
20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities

Source: BUGTRAQ
Type: UNKNOWN
20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)

Source: BID
Type: UNKNOWN
24524

Source: CCN
Type: BID-24524
Apache Tomcat Accept-Language Cross Site Scripting Vulnerability

Source: BID
Type: UNKNOWN
25159

Source: CCN
Type: BID-25159
Apple Mac OS X 2007-007 Multiple Security Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1018269

Source: VUPEN
Type: UNKNOWN
ADV-2007-1729

Source: VUPEN
Type: UNKNOWN
ADV-2007-2732

Source: VUPEN
Type: UNKNOWN
ADV-2007-3087

Source: VUPEN
Type: UNKNOWN
ADV-2007-3386

Source: VUPEN
Type: UNKNOWN
ADV-2008-1979

Source: VUPEN
Type: UNKNOWN
ADV-2009-0233

Source: XF
Type: UNKNOWN
tomcat-acceptlanguage-xss(34210)

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10679

Source: CCN
Type: CA20090123-01
Security Notice for Cohesion Tomcat

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-3456

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:tomcat:4.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:*:*:*:*:*:*:*:* (Version <= 4.1.31)

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:apache:tomcat:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:4.1.31:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:certificate_system:7.3:*:*:*:*:*:*:*
  • AND
  • cpe:/o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::x86:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_developer_suite:3:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_application_server:2:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*

  • * Denotes that component is vulnerable
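Configuration 1 above is an OR-list of CPE 2.2 URIs with one open-ended range entry. The following is an added example for this page, not code from the record's source or from Apache, showing how to evaluate such a list against an installed Tomcat version, including the `(Version <= ...)` range notation the page uses. The function names, the banner regex and the error-page fragment are assumptions made for the example.

```python
import re

# Configuration 1 from this record, copied verbatim; the trailing
# "(Version <= ...)" annotation is the page's own range notation.
CONFIGURATION_1 = [
    "cpe:/a:apache:tomcat:4.0.0:*:*:*:*:*:*:*",
    "cpe:/a:apache:tomcat:4.0.1:*:*:*:*:*:*:*",
    "cpe:/a:apache:tomcat:4.0.2:*:*:*:*:*:*:*",
    "cpe:/a:apache:tomcat:4.0.3:*:*:*:*:*:*:*",
    "cpe:/a:apache:tomcat:4.0.4:*:*:*:*:*:*:*",
    "cpe:/a:apache:tomcat:4.0.5:*:*:*:*:*:*:*",
    "cpe:/a:apache:tomcat:4.0.6:*:*:*:*:*:*:*",
    "cpe:/a:apache:tomcat:4.1.0:*:*:*:*:*:*:*",
    "cpe:/a:apache:tomcat:*:*:*:*:*:*:*:* (Version <= 4.1.31)",
]

_ENTRY = re.compile(r"^(cpe:/\S+)(?:\s+\(Version\s*(<=|<|>=|>)\s*([0-9.]+)\))?$")
_OPS = {
    "<=": lambda a, b: a <= b,
    "<": lambda a, b: a < b,
    ">=": lambda a, b: a >= b,
    ">": lambda a, b: a > b,
}


def version_key(version):
    """Numeric tuple for dotted versions so 4.1.9 < 4.1.31 compares correctly."""
    return tuple(int(p) for p in version.split("."))


def parse_entry(entry):
    """Split a CPE 2.2 URI plus optional range annotation into matching fields."""
    m = _ENTRY.match(entry)
    if not m:
        raise ValueError("not a CPE 2.2 entry: " + entry)
    uri, op, bound = m.groups()
    fields = uri.split(":")          # ['cpe', '/a', vendor, product, version, ...]
    return {
        "part": fields[1].lstrip("/"),
        "vendor": fields[2],
        "product": fields[3],
        "version": fields[4],
        "op": op,
        "bound": bound,
    }


def entry_matches(entry, vendor, product, version):
    e = parse_entry(entry)
    if e["part"] != "a" or e["vendor"] != vendor or e["product"] != product:
        return False
    if e["version"] != "*":
        return e["version"] == version
    if e["op"] is None:              # bare wildcard: every version of the product
        return True
    return _OPS[e["op"]](version_key(version), version_key(e["bound"]))


def is_affected(configuration, vendor, product, version):
    """True when any entry of the OR-list matches the installed product."""
    return any(entry_matches(x, vendor, product, version) for x in configuration)


# Assumed fingerprint: Tomcat's default error page prints "Apache Tomcat/x.y.z".
_BANNER = re.compile(r"Apache Tomcat/([0-9][0-9.]*)")


def version_from_banner(text):
    """Pull the version out of an error-page footer; None when absent."""
    m = _BANNER.search(text)
    return m.group(1) if m else None


if __name__ == "__main__":
    # Constructed error-page fragment, not captured from a real host.
    footer = "<hr><h3>Apache Tomcat/4.1.31</h3></body></html>"
    v = version_from_banner(footer)
    print(v, "affected" if is_affected(CONFIGURATION_1, "apache", "tomcat", v) else "not listed")
```

Note the gap between the two parts of this record: the CPE range ends at 4.1.31, while the summary names 4.1.0 through 4.1.34 as affected. A check driven only by the CPE list would report 4.1.32 through 4.1.34 as not listed, so treat the CPE configuration as a lower bound and go by the summary and the Tomcat 4.x security page when deciding whether to patch. Fingerprinting by error-page banner is also only one signal; the Server header on these releases need not carry the version.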
    Oval Definitions (Class: V = vulnerability definition, P = patch definition)
    Definition ID                            | Class | Title                                              | Last Modified
    oval:org.opensuse.security:def:20071358  | V     | CVE-2007-1358                                      | 2017-09-27
    oval:org.mitre.oval:def:22631            | P     | ELSA-2007:0327: tomcat security update (Important) | 2014-05-26
    oval:org.mitre.oval:def:10679            | V     | Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616". | 2013-04-29
    oval:com.redhat.rhsa:def:20070327        | P     | RHSA-2007:0327: tomcat security update (Important) | 2008-03-20