CVE-2011-1096

Description: The W3C XML Encryption Standard, as used in the JBoss Web Services (JBossWS) component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining (CBC) mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on SOAP responses, aka "character encoding pattern attack."

Mitigation: We recommend upgrading to a version of this component that supports Galois/Counter Mode (GCM) and configuring your security policy to use GCM.

For example, to use the AES-128 algorithm with GCM mode, one would use a policy like:

```
<sp:AlgorithmSuite>
  <wsp:Policy>
    <sp-cxf:Basic128GCM xmlns:sp-cxf="http://cxf.apache.org/custom/security-policy"/>
  </wsp:Policy>
</sp:AlgorithmSuite>
```

Reference: http://coheigea.blogspot.com/2012/04/note-on-cve-2011-1096.html …

CVE-2011-1088

Description: Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application.

Mitigation: We recommend upgrading to a version of this component that is not vulnerable to this specific issue. While this CVE is partially fixed in version 7.0.10, the vulnerability is ultimately fixed in 7.0.11 with CVE-2011-1419.

Related links:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1088
http://tomcat.apache.org/security-7.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1088

Project Category: n/a
Tags: data
Date Disclosed: 2011-03-14
Date Discovered: 2011-02-24

CVE-2011-0013

Description: Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.

Related links:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0013
http://www.securitytracker.com/id?1025026

Project Category: n/a
Tags: data, functional, privileged
Date Disclosed: 2011-02-18
Date Discovered: 2010-12-07

CVE-2010-4476

Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.

Mitigation: We recommend upgrading to a version of this component that is not vulnerable to this specific issue. Note: If this component is included as a bundled/transitive…

CVE-2010-4172

Description: Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to sessionsList.jsp, or unspecified input to (3) sessionDetail.jsp or (4) java/org/apache/catalina/manager/JspHelper.java, related to use of untrusted web applications.

Mitigation: We recommend upgrading to a version of this component that is not vulnerable to this specific issue.

Related links:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4172
http://mail-archives.apache.org/mod_mbox/www-announce/201011.mbox/%3C4CEABE79.8030203@apache.org%3E

Project Category: n/a
Tags: data, functional
Date Disclosed: 2010-11-26
Date Discovered: 2010-11-04

CVE-2010-3718

Description: Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attack.

Mitigation: We recommend upgrading to a version of this component that is not vulnerable to this specific issue. Note: If this component is included as a bundled/transitive dependency of another component, there may not be an upgrade path. In this instance, we recommend contacting the maintainers who included the vulnerable package. Alternatively, we recommend investigating…

CVE-2010-2087

Description: Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application Server, Caucho Resin, and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object.

Mitigation: We recommend upgrading to a version of this component that is not vulnerable to this specific issue.

Related links:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2087
http://www.blackhat.com/presentations/bh-dc-10/Byrne_David/BlackHat-DC-2010-Byrne-SGUI-slides.pdf

Project Category: n/a
Tags: data
Date Disclosed: 2010-05-27
Date Discovered: 2010-05-27

CVE-2010-1157

Description: Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply.

Related links:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1157
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
https://svn.apache.org/viewvc?view=revision&revision=936540
https://svn.apache.org/viewvc?view=revision&revision=936541
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-1157

Project Category: n/a
Tags: data
Date Disclosed: 2010-04-23
Date Discovered: 2010-03-29

CVE-2009-2902

Description: Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.

Mitigation: We recommend upgrading to a version of this component that is not vulnerable to this specific issue.

Related links:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2902
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2902

Project Category: n/a
Tags: data
Date Disclosed: 2010-01-28
Date Discovered: 2009-08-20

CVE-2009-2901

Description: The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests.

Related links:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2901
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2901

Project Category: n/a
Tags: data, configuration
Date Disclosed: 2010-01-28
Date Discovered: 2009-08-20