Multiple vulnerabilities in Apache Tomcat

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-2733 Improper Input Validation vulnerability 5.0 Apache Tomcat
Solaris 10 SPARC: 122911-31 X86: 122912-31
Solaris 11.1 11.1.4.5
Solaris 9 SPARC: 114016-14 X86: 114017-13
CVE-2012-3546 Security constraints bypass vulnerability 4.3
CVE-2012-4431 CSRF prevention filter bypass vulnerability 4.3
CVE-2012-4534 Denial of Service (DoS) vulnerability 2.6
CVE-2012-5885 Permissions, Privileges, and Access Controls vulnerability 5.0
CVE-2012-5886 Improper Authentication vulnerability 5.0
CVE-2012-5887 Improper Authentication vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today