RHSA-2010:0602Medium

Red Hat Security Advisory: Red Hat Certificate System 7.3 security update

Published
August 4, 2010
Last Modified
June 27, 2026

🔗 CVE IDs covered (39)

📋 Description

CVE-2005-2090 — tomcat multiple content-length header poisioning CVE-2005-3510 — tomcat DoS CVE-2006-3835 — tomcat directory listing issue CVE-2006-3918 — httpd: Expect header XSS CVE-2006-5752 — httpd mod_status XSS CVE-2007-0450 — tomcat directory traversal CVE-2007-1349 — mod_perl PerlRun denial of service CVE-2007-1358 — tomcat accept-language xss flaw CVE-2007-1863 — httpd mod_cache segfault CVE-2007-3304 — httpd scoreboard lack of PID protection CVE-2007-3382 — tomcat handling of cookies CVE-2007-3385 — tomcat handling of cookie values CVE-2007-3847 — httpd: out of bounds read CVE-2007-4465 — mod_autoindex XSS CVE-2007-5000 — httpd: mod_imagemap XSS CVE-2007-5116 — perl regular expression UTF parsing errors CVE-2007-5333 — Improve cookie parsing for tomcat5 CVE-2007-5461 — Absolute path traversal Apache Tomcat WEBDAV CVE-2007-6388 — apache mod_status cross-site scripting CVE-2008-0005 — mod_proxy_ftp XSS CVE-2008-0128 — tomcat5 SSO cookie login information disclosure CVE-2008-1232 — tomcat: Cross-Site-Scripting enabled by sendError call CVE-2008-1927 — perl: heap corruption by regular expressions with utf8 characters CVE-2008-2364 — httpd: mod_proxy_http DoS via excessive interim responses from the origin server CVE-2008-2370 — tomcat RequestDispatcher information disclosure vulnerability CVE-2008-2939 — httpd: mod_proxy_ftp globbing XSS CVE-2008-5515 — tomcat request dispatcher information disclosure vulnerability CVE-2009-0023 — apr-util heap buffer underwrite CVE-2009-0033 — tomcat6 Denial-Of-Service with AJP connection CVE-2009-0580 — tomcat6 Information disclosure in authentication classes CVE-2009-1891 — httpd: possible temporary DoS (CPU consumption) in mod_deflate CVE-2009-1955 — apr-util billion laughs attack CVE-2009-1956 — apr-util single NULL byte buffer overflow CVE-2009-2412 — apr-util: Integer overflows in memory pool (apr) and relocatable memory (apr-util) management CVE-2009-3094 — httpd: NULL pointer defer in mod_proxy_ftp caused by crafted EPSV and PASV reply CVE-2009-3095 — httpd: mod_proxy_ftp FTP command injection via Authorization HTTP header CVE-2009-4901 — pcsc-lite: Privilege escalation via specially-crafted client to PC/SC Smart Card daemon messages CVE-2010-0407 — pcsc-lite: Privilege escalation via specially-crafted client to PC/SC Smart Card daemon messages CVE-2010-0434 — httpd: request header information leak

🔗 References (42)