Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to sessionsList.jsp, or unspecified input to (3) sessionDetail.jsp or (4) java/org/apache/catalina/manager/JspHelper.java, related to use of untrusted web applications.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Apache
  • Tomcat
Redhat
  • Enterprise Linux
  • Jboss Enterprise Web Server

Configuration 1 [-]

OR cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*
Package CPE Advisory Released Date
JBEWS 1.0 for RHEL 4
ant-0:1.7.1-13.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
antlr-0:2.7.7-7.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
bcel-0:5.2-8.1.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
cglib-0:2.2-5.1.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
dom4j-0:1.6.1-11.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
ecj-1:3.3.1.1-3.2.2.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
glassfish-jaf-0:1.1.0-6.1.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
glassfish-javamail-0:1.4.2-0.4.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
glassfish-jsf-0:1.2_13-2.2.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
hibernate3-1:3.3.2-1.5.GA_CP04.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
hibernate3-annotations-0:3.4.0-3.3.GA_CP04.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
hibernate3-commons-annotations-0:3.1.0-1.8.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
hibernate3-ejb-persistence-3.0-api-1:1.0.2-3.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
hibernate3-entitymanager-0:3.4.0-4.3.GA_CP04.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
httpd22-0:2.2.17-14.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-beanutils-0:1.8.0-4.1.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-chain-0:1.2-2.2.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-codec-0:1.3-9.1.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-collections-0:3.2.1-4.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-daemon-1:1.0.5-1.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-daemon-jsvc-1:1.0.5-1.4.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-dbcp-0:1.2.1-16.4.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-digester-0:1.8.1-8.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-el-0:1.0-19.2.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-fileupload-1:1.1.1-7.4.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-httpclient-1:3.1-1.1.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-io-0:1.4-1.3.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-launcher-0:1.1-4.6.1.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-logging-0:1.1.1-0.4.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-logging-jboss-0:1.1-10.2.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-modeler-0:2.0-4.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-pool-0:1.3-11.2.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-validator-0:1.3.1-7.5.1.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-oro-0:2.0.8-3.3.2.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-taglibs-standard-0:1.1.1-9.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
javassist-0:3.12.0-1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jboss-common-core-0:2.2.17-1.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jboss-common-logging-jdk-0:2.1.2-1.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jboss-common-logging-spi-0:2.1.2-1.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jboss-javaee-0:5.0.1-2.9.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jcommon-0:1.0.16-1.2.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
jfreechart-0:1.0.13-2.3.2.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
log4j-0:1.2.14-18.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
mod_cluster-0:1.0.10-2.GA_CP01.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
mod_cluster-native-0:1.0.10-2.GA_CP01.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
mod_jk-0:1.2.31-1.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
mx4j-1:3.0.1-9.3.4.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
objectweb-asm-0:3.1-5.3.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
regexp-0:1.5-1.2.1.jdk6.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
struts12-0:1.2.9-3.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
tomcat5-0:5.5.33-14_patch_04.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
tomcat6-0:6.0.32-15_patch_03.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
tomcat-jkstatus-ant-0:1.2.31-2.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
tomcat-native-0:1.1.20-2.0.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
xalan-j2-0:2.7.1-5.3_patch_04.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
xerces-j2-0:2.9.1-3.patch01.1.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
xml-commons-1:1.3.04-7.12.ep5.el4 cpe:/a:redhat:jboss_enterprise_web_server:1::el4 RHSA-2011:0897 2011-06-22T00:00:00Z
Red Hat Enterprise Linux 6
tomcat6-0:6.0.24-33.el6 cpe:/o:redhat:enterprise_linux:6 RHSA-2011:0791 2011-05-19T00:00:00Z
Red Hat JBoss Enterprise Web Server 1 for RHEL 5
ant-0:1.7.1-13.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
antlr-0:2.7.7-7.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
cglib-0:2.2-5.1.1.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
dom4j-0:1.6.1-11.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
ecj3-1:3.3.1.1-3.1.1.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
glassfish-jsf-0:1.2_13-3.1.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
hibernate3-1:3.3.2-1.4.GA_CP04.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
hibernate3-annotations-0:3.4.0-3.2.GA_CP04.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
hibernate3-commons-annotations-0:3.1.0-1.8.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
hibernate3-ejb-persistence-3.0-api-1:1.0.2-3.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
hibernate3-entitymanager-0:3.4.0-4.3.GA_CP04.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
httpd-0:2.2.17-11.1.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-beanutils-0:1.8.0-4.1.2.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-chain-0:1.2-2.2.1.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-codec-0:1.3-9.2.1.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-collections-0:3.2.1-4.1.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-daemon-1:1.0.5-1.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-daemon-jsvc-1:1.0.5-1.4.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-dbcp-0:1.2.1-16.4.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-digester-0:1.8.1-8.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-fileupload-1:1.1.1-7.4.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-httpclient-1:3.1-1.2.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-io-0:1.4-1.3.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-logging-0:1.1.1-0.4.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-logging-jboss-0:1.1-10.2.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-pool-0:1.3-11.2.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-validator-0:1.3.1-7.5.2.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-oro-0:2.0.8-3.3.2.1.1.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-taglibs-standard-0:1.1.1-9.1.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
javassist-0:3.12.0-1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jboss-common-core-0:2.2.17-1.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jboss-common-logging-jdk-0:2.1.2-1.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jboss-common-logging-spi-0:2.1.2-1.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jboss-javaee-0:5.0.1-2.9.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jcommon-0:1.0.16-1.2.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
jfreechart-0:1.0.13-2.3.2.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
mod_cluster-0:1.0.10-2.1.GA_CP01.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
mod_cluster-native-0:1.0.10-2.1.GA_CP01.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
mod_jk-0:1.2.31-1.1.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
objectweb-asm-0:3.1-5.3.1.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
struts12-0:1.2.9-3.1.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
tomcat5-0:5.5.33-16_patch_04.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
tomcat6-0:6.0.32-15.1_patch_03.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
tomcat-jkstatus-ant-0:1.2.31-2.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
tomcat-native-0:1.1.20-2.1.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
xalan-j2-0:2.7.1-5.3_patch_04.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
xerces-j2-0:2.9.1-3.patch01.1.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
xml-commons-0:1.3.04-7.10.jdk6.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2011:0897 2011-06-22T00:00:00Z
Red Hat JBoss Enterprise Web Server 1 for RHEL 6
ant-0:1.7.1-14.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
antlr-0:2.7.7-7.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
cglib-0:2.2-5.4.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
dom4j-0:1.6.1-11.1.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
ecj3-1:3.3.1.1-4.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
glassfish-jsf-0:1.2_13-3.1.4.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
hibernate3-1:3.3.2-1.8.GA_CP04.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
hibernate3-annotations-0:3.4.0-3.5.GA_CP04.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
hibernate3-commons-annotations-0:3.1.0-1.8.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
hibernate3-ejb-persistence-3.0-api-1:1.0.2-3.3.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
hibernate3-entitymanager-0:3.4.0-4.4.GA_CP04.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
httpd-0:2.2.17-11.2.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-beanutils-0:1.8.0-9.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-chain-0:1.2-2.2.2.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-codec-0:1.3-12.1.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-collections-0:3.2.1-4.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-daemon-1:1.0.5-1.1.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-daemon-jsvc-1:1.0.5-1.4.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-dbcp-0:1.2.1-16.2.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-digester-0:1.8.1-8.1.1.1.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-fileupload-1:1.1.1-7.5.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-httpclient-1:3.1-1.2.2.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-io-0:1.4-4.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-logging-0:1.1.1-1.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-logging-jboss-0:1.1-10.2.2.1.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-pool-0:1.3-15.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-commons-validator-0:1.3.1-7.5.2.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-oro-0:2.0.8-7.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jakarta-taglibs-standard-0:1.1.1-12.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
javassist-0:3.12.0-3.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jboss-common-core-0:2.2.17-1.2.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jboss-common-logging-jdk-0:2.1.2-1.2.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jboss-common-logging-spi-0:2.1.2-1.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jboss-javaee-0:5.0.1-2.9.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jcommon-0:1.0.16-1.2.2.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
jfreechart-0:1.0.13-2.3.2.1.2.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
mod_cluster-0:1.0.10-2.2.GA_CP01.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
mod_cluster-native-0:1.0.10-2.1.1.GA_CP01.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
mod_jk-0:1.2.31-1.1.2.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
objectweb-asm31-0:3.1-12.1.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
struts12-0:1.2.9-3.1.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
tomcat5-0:5.5.33-15_patch_04.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
tomcat6-0:6.0.32-14_patch_03.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
tomcat-jkstatus-ant-0:1.2.31-2.1.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
tomcat-native-0:1.1.20-2.1.2.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
xalan-j2-0:2.7.1-5.3_patch_04.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
xerces-j2-0:2.9.1-8.patch01.1.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
xml-commons-0:1.3.04-7.14.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2011:0897 2011-06-22T00:00:00Z
Red Hat JBoss Web Server 1.0
cpe:/a:redhat:jboss_enterprise_web_server:1.0 RHSA-2011:0896 2011-06-22T00:00:00Z
References
Link Providers
http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0285.html cve-icon cve-icon
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html cve-icon cve-icon
http://marc.info/?l=bugtraq&m=139344343412337&w=2 cve-icon cve-icon
http://secunia.com/advisories/42337 cve-icon cve-icon
http://secunia.com/advisories/43019 cve-icon cve-icon
http://secunia.com/advisories/45022 cve-icon cve-icon
http://secunia.com/advisories/57126 cve-icon cve-icon
http://securitytracker.com/id?1024764 cve-icon cve-icon
http://support.apple.com/kb/HT5002 cve-icon cve-icon
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html cve-icon cve-icon
http://svn.apache.org/viewvc?view=revision&revision=1037778 cve-icon cve-icon
http://svn.apache.org/viewvc?view=revision&revision=1037779 cve-icon cve-icon
http://tomcat.apache.org/security-6.html cve-icon cve-icon
http://tomcat.apache.org/security-7.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2011-0791.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2011-0896.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2011-0897.html cve-icon cve-icon
http://www.securityfocus.com/archive/1/514866/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/bid/45015 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-1048-1 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/3047 cve-icon cve-icon
http://www.vupen.com/english/advisories/2011/0203 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=656246 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/63422 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2010-4172 cve-icon
https://www.cve.org/CVERecord?id=CVE-2010-4172 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2010-11-26T19:00:00

Updated: 2024-08-07T03:34:37.407Z

Reserved: 2010-11-04T00:00:00

Link: CVE-2010-4172

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2010-11-26T20:00:04.750

Modified: 2024-11-21T01:20:22.343

Link: CVE-2010-4172

cve-icon Redhat

Severity : Moderate

Publid Date: 2010-11-22T00:00:00Z

Links: CVE-2010-4172 - Bugzilla