CVE-2008-1232

Published: Aug 4, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

1020622

vdb-entry

x_refsource_SECTRACK

oval:org.mitre.oval:def:5985

vdb-entry

signature

x_refsource_OVAL

http://tomcat.apache.org/security-4.html

x_refsource_CONFIRM

RHSA-2008:0862

vendor-advisory

x_refsource_REDHAT

ADV-2009-1609

vdb-entry

x_refsource_VUPEN

ADV-2009-2194

vdb-entry

x_refsource_VUPEN

34013

third-party-advisory

x_refsource_SECUNIA

http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-02-ca-service-desk-tomcat-cross-site-scripting-vulnerability.aspx

x_refsource_CONFIRM

ADV-2008-2823

vdb-entry

x_refsource_VUPEN

37460

third-party-advisory

x_refsource_SECUNIA

http://www.vmware.com/security/advisories/VMSA-2009-0002.html

x_refsource_CONFIRM

31982

third-party-advisory

x_refsource_SECUNIA

31681

vdb-entry

x_refsource_BID

32120

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:11181

vdb-entry

signature

x_refsource_OVAL

http://www.vmware.com/security/advisories/VMSA-2009-0016.html

x_refsource_CONFIRM

33999

third-party-advisory

x_refsource_SECUNIA

30496

vdb-entry

x_refsource_BID

31865

third-party-advisory

x_refsource_SECUNIA

4098

third-party-advisory

x_refsource_SREASON

FEDORA-2008-8130

vendor-advisory

x_refsource_FEDORA

https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214095

x_refsource_CONFIRM

31639

third-party-advisory

x_refsource_SECUNIA

SUSE-SR:2008:018

vendor-advisory

x_refsource_SUSE

36108

third-party-advisory

x_refsource_SECUNIA

MDVSA-2008:188

vendor-advisory

x_refsource_MANDRIVA

31379

third-party-advisory

x_refsource_SECUNIA

http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm

x_refsource_CONFIRM

ADV-2009-0320

vdb-entry

x_refsource_VUPEN

20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components

mailing-list

x_refsource_BUGTRAQ

RHSA-2008:0864

vendor-advisory

x_refsource_REDHAT

SUSE-SR:2009:004

vendor-advisory

x_refsource_SUSE

http://tomcat.apache.org/security-6.html

x_refsource_CONFIRM

57126

third-party-advisory

x_refsource_SECUNIA

32222

third-party-advisory

x_refsource_SECUNIA

31891

third-party-advisory

x_refsource_SECUNIA

33797

third-party-advisory

x_refsource_SECUNIA

https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209500

x_refsource_CONFIRM

20090806 CA20090806-02: Security Notice for Unicenter Asset Portfolio Management, Unicenter Desktop and Server Management, Unicenter Patch Management

mailing-list

x_refsource_BUGTRAQ

FEDORA-2008-7977

vendor-advisory

x_refsource_FEDORA

ADV-2008-2305

vdb-entry

x_refsource_VUPEN

FEDORA-2008-8113

vendor-advisory

x_refsource_FEDORA

20090616 CA20090615-02: CA Service Desk Tomcat Cross Site Scripting Vulnerability

mailing-list

x_refsource_BUGTRAQ

http://tomcat.apache.org/security-5.html

x_refsource_CONFIRM

35474

third-party-advisory

x_refsource_SECUNIA

ADV-2008-2780

vdb-entry

x_refsource_VUPEN

31381

third-party-advisory

x_refsource_SECUNIA

HPSBUX02401

vendor-advisory

x_refsource_HP

HPSBST02955

vendor-advisory

x_refsource_HP

APPLE-SA-2008-10-09

vendor-advisory

x_refsource_APPLE

http://support.apple.com/kb/HT3216

x_refsource_CONFIRM

ADV-2009-0503

vdb-entry

x_refsource_VUPEN

ADV-2009-3316

vdb-entry

x_refsource_VUPEN

SSRT090005

vendor-advisory

x_refsource_HP

tomcat-httpservletresponse-xss(44155)

vdb-entry

x_refsource_XF

20080801 [CVE-2008-1232] Apache Tomcat XSS vulnerability

mailing-list

x_refsource_BUGTRAQ

32266

third-party-advisory

x_refsource_SECUNIA

RHSA-2008:0648

vendor-advisory

x_refsource_REDHAT

[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

mailing-list

x_refsource_MLIST

[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

mailing-list

x_refsource_MLIST

[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

mailing-list

x_refsource_MLIST

[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

mailing-list

x_refsource_MLIST

[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/

mailing-list

x_refsource_MLIST

[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/

mailing-list

x_refsource_MLIST

[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2008-1232

Description

Affected Products

References