The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Multiple Tomcat vulnerabilities in Oracle Health Sciences LabPas

Ritwik Ghoshal
Principal Security Analyst
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-2733 Improper Input Validation vulnerability 5.0 Apache Tomcat
Oracle Health Sciences LabPas upgrade to Apache Tomcat v6.0.36
CVE-2012-3439 DIGEST authentication implementation issues 5.0
CVE-2012-3546 Security constraints bypass vulnerability 4.3
CVE-2012-4431 CSRF prevention filter bypass vulnerability 4.3
CVE-2012-4534 Denial of Service (DoS) vulnerability 2.6

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.