Multiple vulnerabilities in Apache Tomcat
By Ritwik Ghoshal on Mar 13, 2013
|CVE Description||CVSSv2 Base Score||Component||Product and Resolution|
|CVE-2012-2733 Improper Input Validation vulnerability||5.0||Apache Tomcat||
|CVE-2012-3546 Security constraints bypass vulnerability||4.3|
|CVE-2012-4431 CSRF prevention filter bypass vulnerability||4.3|
|CVE-2012-4534 Denial of Service (DoS) vulnerability||2.6|
|CVE-2012-5885 Permissions, Privileges, and Access Controls vulnerability||5.0|
|CVE-2012-5886 Improper Authentication vulnerability||5.0|
|CVE-2012-5887 Improper Authentication vulnerability||5.0|
This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.