New Search

RHSA-2008:0648 -- tomcat security update (Important)

oval:org.mitre.oval:def:28407

Updated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. A cross-site scripting vulnerability was discovered in the HttpServletResponse.sendErrormethod. A remote attacker could inject arbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232)

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 5
  • Red Hat Enterprise Linux 5
Class:
patch
Reference(s):
  • RHSA-2008:0648
  • CESA-2008:0648-CentOS 5
  • CVE-2008-1232
  • CVE-2008-1947
  • CVE-2008-2370
  • CVE-2008-2938
Product(s):
  • tomcat5