1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
PublicDate: 2007-05-09
Candidate: CVE-2007-1358
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358
Description:
Cross-site scripting (XSS) vulnerability in certain applications using
Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote
attackers to inject arbitrary web script or HTML via crafted
"Accept-Language headers that do not conform to RFC 2616".
Ubuntu-Description:
Notes:
Bugs:
#sid_PKG:
#dapper_PKG:
#edgy_PKG:
#feisty_PKG:
#devel_PKG:
dapper_tomcat4: ignored (reached end-of-life)
edgy_tomcat4: needed (reached end-of-life)
feisty_tomcat4: DNE
gutsy_tomcat4: DNE
hardy_tomcat4: DNE
intrepid_tomcat4: DNE
jaunty_tomcat4: DNE
karmic_tomcat4: DNE
devel_tomcat4: DNE
upstream_tomcat4:
|