The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Multiple vulnerabilities in Apache Tomcat

Ritwik Ghoshal
Senior Principal Security Analyst
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-3544 Input Validation vulnerability 5.0 Apache Tomcat
Solaris 10 SPARC: 122911-34 X86: 122912-34
Solaris 11.1
CVE-2013-1571 Insufficient Information vulnerability 4.3
CVE-2013-4286 Input Validation vulnerability 5.8
CVE-2013-4322 Input Validation vulnerability 4.3
CVE-2013-4590 Information Disclosure vulnerability 4.3
CVE-2014-0033 Input Validation vulnerability 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.