CVE-2007-1355

NONECVSS 0.0

0.0

Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.23, and 6.0.0 through 6.0.10 allow remote attackers to inject arbitrary web script or HTML via the test parameter and unspecified vectors.

🔗 References (68)

secalert@redhathttp://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
secalert@redhathttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
secalert@redhathttp://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
secalert@redhathttp://osvdb.org/34875
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2008-0630.html
secalert@redhathttp://secunia.com/advisories/27037
secalert@redhathttp://secunia.com/advisories/27727
secalert@redhathttp://secunia.com/advisories/30802
secalert@redhathttp://secunia.com/advisories/30899
secalert@redhathttp://secunia.com/advisories/30908
secalert@redhathttp://secunia.com/advisories/31493
secalert@redhathttp://secunia.com/advisories/33668
secalert@redhathttp://securityreason.com/securityalert/2722
secalert@redhathttp://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
secalert@redhathttp://support.apple.com/kb/HT2163

Is Your Infrastructure Affected by CVE-2007-1355?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-1355

📅 Published

🔄 Last Modified

🔗 References (68)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-1355?