QwikSec

Security Database

CVE

CWE

Training

CVE-2007-1358

Published: May 9, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://tomcat.apache.org/security-4.html

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_VUPEN

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_SUNALERT

vdb-entry

x_refsource_VUPEN

third-party-advisory

x_refsource_SECUNIA

FEDORA-2007-3456

vendor-advisory

x_refsource_FEDORA

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_VUPEN

APPLE-SA-2007-07-31

vendor-advisory

x_refsource_APPLE

20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)

mailing-list

x_refsource_BUGTRAQ

third-party-advisory

x_refsource_SECUNIA

20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_OSVDB

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_VUPEN

http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html

x_refsource_CONFIRM

oval:org.mitre.oval:def:10679

vdb-entry

signature

x_refsource_OVAL

vdb-entry

x_refsource_VUPEN

20070618 [CVE-2007-1358] Apache Tomcat XSS vulnerability in Accept-Language header processing

mailing-list

x_refsource_BUGTRAQ

third-party-advisory

x_refsource_SECUNIA

http://docs.info.apple.com/article.html?artnum=306172

x_refsource_CONFIRM

vendor-advisory

x_refsource_HP

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_HP

third-party-advisory

x_refsource_JVN

vdb-entry

x_refsource_BID

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_SECTRACK

http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

x_refsource_CONFIRM

http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

mailing-list

x_refsource_MLIST

[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

mailing-list

x_refsource_MLIST

[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.