New Search

HP-UX Running Apache Remote Denial of Service (DoS) Execution of Arbitrary Code and other vulnerabilities

oval:org.mitre.oval:def:18541

org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • HP-UX 11
Class:
vulnerability
Reference(s):
  • CVE-2012-4431
Product(s):