admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2007/CVE-2007-13xx/CVE-2007-1358.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

299 lines
9.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2007-1358",
"sourceIdentifier": "secalert@redhat.com",
"published": "2007-05-10T00:19:00.000",
"lastModified": "2023-11-07T02:00:22.203",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted \"Accept-Language headers that do not conform to RFC 2616\"."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en ciertas aplicaciones que usan Apache Tomcat 4.0.0 hasta 4.0.6 y 4.1.0 hasta 4.1.34 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n mediante \"cabeceras Accept-Language que no cumplen la RFC 2616\" artesanales."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "HIGH",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 2.6
},
"baseSeverity": "LOW",
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.1.31",
"matchCriteriaId": "CBB47E3B-ECDD-4A05-9920-90696089C4C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "914E1404-01A2-4F94-AA40-D5EA20F55AD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81FB1106-B26D-45BE-A511-8E69131BBA52"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "401A213A-FED3-49C0-B823-2E02EA528905"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0BFE5AD8-DB14-4632-9D2A-F2013579CA7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7641278D-3B8B-4CD2-B284-2047B65514A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7B9911-E836-4A96-A0E8-D13C957EC0EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D2341C51-A239-4A4A-B0DC-30F18175442C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E300013-0CE7-4313-A553-74A6A247B3E9"
}
]
}
]
}
],
"references": [
{
"url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx",
"source": "secalert@redhat.com"
},
{
"url": "http://docs.info.apple.com/article.html?artnum=306172",
"source": "secalert@redhat.com"
},
{
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795",
"source": "secalert@redhat.com"
},
{
"url": "http://jvn.jp/jp/JVN%2316535199/index.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html",
"source": "secalert@redhat.com"
},
{
"url": "http://osvdb.org/34881",
"source": "secalert@redhat.com"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2008-0630.html",
"source": "secalert@redhat.com"
},
{
"url": "http://secunia.com/advisories/25721",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/26235",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/26660",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/27037",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/27727",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/30899",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/30908",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/31493",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/33668",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1",
"source": "secalert@redhat.com"
},
{
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540",
"source": "secalert@redhat.com"
},
{
"url": "http://tomcat.apache.org/security-4.html",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html",
"source": "secalert@redhat.com"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/archive/1/471719/100/0/threaded",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/archive/1/500396/100/0/threaded",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/archive/1/500412/100/0/threaded",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/bid/24524",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/bid/25159",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securitytracker.com/id?1018269",
"source": "secalert@redhat.com"
},
{
"url": "http://www.vupen.com/english/advisories/2007/1729",
"source": "secalert@redhat.com"
},
{
"url": "http://www.vupen.com/english/advisories/2007/2732",
"source": "secalert@redhat.com"
},
{
"url": "http://www.vupen.com/english/advisories/2007/3087",
"source": "secalert@redhat.com"
},
{
"url": "http://www.vupen.com/english/advisories/2007/3386",
"source": "secalert@redhat.com"
},
{
"url": "http://www.vupen.com/english/advisories/2008/1979/references",
"source": "secalert@redhat.com"
},
{
"url": "http://www.vupen.com/english/advisories/2009/0233",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E",
"source": "secalert@redhat.com"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10679",
"source": "secalert@redhat.com"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html",
"source": "secalert@redhat.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink