Vulnerability Name: CVE-2007-2449 (CCN-34869) Assigned: 2007-06-13 Published: 2007-06-13 Updated: 2019-03-25 Summary: Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence. CVSS v3 Severity: 4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): HighPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): None
CVSS v2 Severity: 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): PartialAvailibility (A): None
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N 3.5 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N/E:H/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): HighAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): None
Vulnerability Type: CWE-Other CWE-79 Vulnerability Consequences: Gain Access References: Source: CCNApache Tomcat XSS vulnerabilities in the JSP examples http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities CVE-2007-2449 HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS) SSRT071447 APPLE-SA-2008-06-30 SUSE-SR:2008:007 SUSE-SR:2009:004 36080 Moderate: tomcat security update Moderate: tomcat security update Moderate: Red Hat Network Satellite Server security update Low: Red Hat Network Satellite Server security update Low: Red Hat Network Satellite Server security update RHSA-2008:0630 26076 27037 27727 29392 Apple Mac OS X Security Update Fixes Multiple Vulnerabilities 30802 31493 CA Cohesion Application Configuration Manager Apache Tomcat Multiple Vulnerabilities 33668 Novell ZENworks Linux Management Tomcat Multiple Vulnerabilities 2804 Tomcat Input Validation Holes in the JSP Examples, Manager, and Host Manager Permit Cross-Site Scripting Attacks http://support.apple.com/kb/HT2163 HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS) (HPSBUX02262) tomcat security update (RHSA-2007-0876) http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540 http://tomcat.apache.org/security-4.html http://tomcat.apache.org/security-5.html JSP Cross-site scripting: Fixed in Apache Tomcat 6.0.HEAD http://tomcat.apache.org/security-6.html MDKSA-2007:241 Tomcat 5.0.28 in ZLM 7.3 subject to "Multiple Vendor Multiple HTTP Request Smuggling Vulnerabilities" Apache Tomcat JSP Examples Crafted URI XSS RHSA-2007:0569 RHSA-2008:0261 20070614 [CVE-2007-2449] Apache Tomcat XSS vulnerabilities in the JSP examples 20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities 20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1) 24476 Apache Tomcat JSP Example Web Applications Cross Site Scripting Vulnerability 1018245 ADV-2007-2213 ADV-2007-3386 ADV-2008-1981 ADV-2009-0233 tomcat-example-xss(34869) tomcat-example-xss(34869) [tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ [tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ [tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ [tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ [tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/ oval:org.mitre.oval:def:10578 Security Notice for Cohesion Tomcat TADDM affected by multiple vulnerabilities due to Apache Tomcat libraries FEDORA-2007-3456 SUSE Security Summary Report SUSE Security Summary Report Vulnerable Configuration: Configuration 1 :cpe:/a:apache:tomcat:4.0.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.0.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.0.2:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.0.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.0.4:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.0.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:*:*:*:*:*:*:*:* (Version <= 4.1.36) OR cpe:/a:apache:tomcat:5.0.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.2:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.4:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.6:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.7:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.8:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.9:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.10:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.13:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.14:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.15:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.16:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.17:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.18:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.19:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.21:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.22:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.23:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.24:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.25:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.26:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.27:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.28:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.29:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.30:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.2:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.4:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.6:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.7:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.8:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.9:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.10:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.13:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.14:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.15:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.16:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.17:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.18:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.19:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.20:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.21:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.22:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.2:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.4:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:* Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:* Configuration RedHat 3 :cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:* Configuration RedHat 4 :cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:* Configuration CCN 1 :cpe:/a:apache:tomcat:4.0.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.0.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.0.4:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.4:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.19:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.28:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.9:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.7:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.20:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.25:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.17:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.0.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.0.2:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.0.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:4.1.36:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.10:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.13:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.14:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.15:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.16:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.17:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.18:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.2:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.21:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.22:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.23:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.24:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.26:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.27:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.29:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.30:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.4:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.6:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.7:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.8:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.0.9:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.10:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.13:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.14:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.15:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.16:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.18:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.19:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.2:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.21:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.22:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.6:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:5.5.8:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.2:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.4:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:* AND cpe:/o:hp:hp-ux:b.11.11:*:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:b.11.23:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:x86_64:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:b.11.31:*:*:*:*:*:*:* OR cpe:/a:redhat:network_satellite:5.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:* OR cpe:/a:redhat:rhel_application_server:2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86_64:*:*:*:*:* OR cpe:/a:redhat:network_satellite:4.2:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.3.0.0:*:*:*:*:*:*:* Oval Definitions Definition ID Class Title Last Modified oval:org.opensuse.security:def:20072449 V CVE-2007-2449 2015-11-16 oval:org.mitre.oval:def:22687 P ELSA-2007:0569: tomcat security update (Moderate) 2014-05-26 oval:org.mitre.oval:def:10578 V Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence. 2013-04-29 oval:com.redhat.rhsa:def:20070569 P RHSA-2007:0569: tomcat security update (Moderate) 2007-07-17
BACK
apache tomcat 4.0.0
apache tomcat 4.0.1
apache tomcat 4.0.2
apache tomcat 4.0.3
apache tomcat 4.0.4
apache tomcat 4.0.5
apache tomcat *
apache tomcat 5.0.0
apache tomcat 5.0.1
apache tomcat 5.0.2
apache tomcat 5.0.3
apache tomcat 5.0.4
apache tomcat 5.0.5
apache tomcat 5.0.6
apache tomcat 5.0.7
apache tomcat 5.0.8
apache tomcat 5.0.9
apache tomcat 5.0.10
apache tomcat 5.0.11
apache tomcat 5.0.12
apache tomcat 5.0.13
apache tomcat 5.0.14
apache tomcat 5.0.15
apache tomcat 5.0.16
apache tomcat 5.0.17
apache tomcat 5.0.18
apache tomcat 5.0.19
apache tomcat 5.0.21
apache tomcat 5.0.22
apache tomcat 5.0.23
apache tomcat 5.0.24
apache tomcat 5.0.25
apache tomcat 5.0.26
apache tomcat 5.0.27
apache tomcat 5.0.28
apache tomcat 5.0.29
apache tomcat 5.0.30
apache tomcat 5.5.0
apache tomcat 5.5.1
apache tomcat 5.5.2
apache tomcat 5.5.3
apache tomcat 5.5.4
apache tomcat 5.5.5
apache tomcat 5.5.6
apache tomcat 5.5.7
apache tomcat 5.5.8
apache tomcat 5.5.9
apache tomcat 5.5.10
apache tomcat 5.5.11
apache tomcat 5.5.12
apache tomcat 5.5.13
apache tomcat 5.5.14
apache tomcat 5.5.15
apache tomcat 5.5.16
apache tomcat 5.5.17
apache tomcat 5.5.18
apache tomcat 5.5.19
apache tomcat 5.5.20
apache tomcat 5.5.21
apache tomcat 5.5.22
apache tomcat 6.0.0
apache tomcat 6.0.1
apache tomcat 6.0.2
apache tomcat 6.0.3
apache tomcat 6.0.4
apache tomcat 6.0.5
apache tomcat 6.0.6
apache tomcat 6.0.7
apache tomcat 6.0.8
apache tomcat 6.0.10
apache tomcat 6.0.11
apache tomcat 6.0.12
apache tomcat 6.0.13
apache tomcat 4.0.1
apache tomcat 4.0.3
apache tomcat 4.0.4
apache tomcat 5.5.4
apache tomcat 5.0.19
apache tomcat 5.0.28
apache tomcat 5.5.12
apache tomcat 5.5.9
apache tomcat 5.5.7
apache tomcat 5.5.20
apache tomcat 5.0.25
apache tomcat 5.5.17
apache tomcat 5.0.0
apache tomcat 4.0.0
apache tomcat 4.0.2
apache tomcat 4.0.5
apache tomcat 4.1.36
apache tomcat 5.0.1
apache tomcat 5.0.10
apache tomcat 5.0.11
apache tomcat 5.0.12
apache tomcat 5.0.13
apache tomcat 5.0.14
apache tomcat 5.0.15
apache tomcat 5.0.16
apache tomcat 5.0.17
apache tomcat 5.0.18
apache tomcat 5.0.2
apache tomcat 5.0.21
apache tomcat 5.0.22
apache tomcat 5.0.23
apache tomcat 5.0.24
apache tomcat 5.0.26
apache tomcat 5.0.27
apache tomcat 5.0.29
apache tomcat 5.0.3
apache tomcat 5.0.30
apache tomcat 5.0.4
apache tomcat 5.0.5
apache tomcat 5.0.6
apache tomcat 5.0.7
apache tomcat 5.0.8
apache tomcat 5.0.9
apache tomcat 5.5.0
apache tomcat 5.5.1
apache tomcat 5.5.10
apache tomcat 5.5.11
apache tomcat 5.5.13
apache tomcat 5.5.14
apache tomcat 5.5.15
apache tomcat 5.5.16
apache tomcat 5.5.18
apache tomcat 5.5.19
apache tomcat 5.5.2
apache tomcat 5.5.21
apache tomcat 5.5.22
apache tomcat 5.5.3
apache tomcat 5.5.5
apache tomcat 5.5.6
apache tomcat 5.5.8
apache tomcat 6.0.0
apache tomcat 6.0.1
apache tomcat 6.0.10
apache tomcat 6.0.11
apache tomcat 6.0.12
apache tomcat 6.0.13
apache tomcat 6.0.2
apache tomcat 6.0.3
apache tomcat 6.0.4
apache tomcat 6.0.5
apache tomcat 6.0.6
apache tomcat 6.0.7
apache tomcat 6.0.8
hp hp-ux b.11.11
hp hp-ux b.11.23
redhat enterprise linux desktop 5.0
redhat enterprise linux 5
redhat enterprise linux 5
mandrakesoft mandrake linux 2007.1
mandrakesoft mandrake linux 2008.0 x86_64
hp hp-ux b.11.31
redhat network satellite 5.0
redhat enterprise linux 5
redhat rhel application server 2
mandrakesoft mandrake linux 2008.0
mandrakesoft mandrake linux 2007.1
redhat network satellite 4.2
ibm tivoli application dependency discovery manager 7.3.0.0
Denotes that component is vulnerable