← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to retired/CVE-2007-3382

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
retired/CVE-2007-3382
1
 
PublicDate: 2007-08-14
2
 
Candidate: CVE-2007-3382
3
 
References: 
4
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382
5
 
Description:
6
 
 Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to
7
 
 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in
8
 
 cookies, which might cause sensitive information such as session IDs to be
9
 
 leaked and allow remote attackers to conduct session hijacking attacks.
10
 
Ubuntu-Description: 
11
 
Notes: 
12
 
Bugs: 
13
 
 https://bugs.launchpad.net/ubuntu/+source/tomcat5/+bug/175505
14
 
#sid_PKG:
15
 
#dapper_PKG:
16
 
#edgy_PKG:
17
 
#feisty_PKG:
18
 
#devel_PKG:
19
 
dapper_tomcat5.5: DNE
20
 
edgy_tomcat5.5: needed (reached end-of-life)
21
 
feisty_tomcat5.5: needed (reached end-of-life)
22
 
gutsy_tomcat5.5: released (5.5.25-1)
23
 
hardy_tomcat5.5: released (5.5.25-1)
24
 
intrepid_tomcat5.5: released (5.5.25-1)
25
 
jaunty_tomcat5.5: released (5.5.25-1)
26
 
karmic_tomcat5.5: DNE
27
 
devel_tomcat5.5: DNE
28
 
upstream_tomcat5.5: released (5.5.25)
29
 
 
30
 
upstream_tomcat5: needs-triage
31
 
dapper_tomcat5: ignored (reached end-of-life)
32
 
edgy_tomcat5: needed (reached end-of-life)
33
 
feisty_tomcat5: needed (reached end-of-life)
34
 
gutsy_tomcat5: DNE
35
 
hardy_tomcat5: DNE
36
 
intrepid_tomcat5: DNE
37
 
jaunty_tomcat5: DNE
38
 
karmic_tomcat5: DNE
39
 
devel_tomcat5: DNE