|CVE Description||CVSSv2 Base Score||Component||Product and Resolution|
|CVE-2010-3718 File permission bypass vulnerability||1.2||Apache Tomcat|| |
|CVE-2011-0013 Multiple cross-site scripting (XSS) vulnerabilities||4.3|
This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.