资产安全
商业安全
安全服务
返回- 漏洞ID:1190641
- 漏洞类型:跨站脚本
- 发布日期:2007-04-18
- 更新时间:2010-07-06
- CVE编号: CVE-2006-7195
- CNNVD-ID:CNNVD-200705-187
- 漏洞平台: N/A
- CVSS评分:4.3
<a href="https://www.securityfocus.com/bid/28481" target="_blank">https://www.securityfocus.com/bid/28481</a><br/> <a href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200705-187" target="_blank">http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200705-187</a><br/>
ApacheTomcat的implicit-objects.jsp中存在跨站脚本攻击漏洞。远程攻击者可以借助特定的header值,注入任意的web脚本或HTML。
来源:VUPEN
名称:ADV-2007-1729
链接:http://www.frsirt.com/english/advisories/2007/1729
来源:BUGTRAQ
名称:20090127CA20090123-01:CohesionTomcatMultipleVulnerabilities(Updated-v1.1)
链接:http://www.securityfocus.com/archive/1/archive/1/500412/100/0/threaded
来源:BUGTRAQ
名称:20090124CA20090123-01:CohesionTomcatMultipleVulnerabilities
链接:http://www.securityfocus.com/archive/1/archive/1/500396/100/0/threaded
来源:VUPEN
名称:ADV-2009-0233
链接:http://www.frsirt.com/english/advisories/2009/0233
来源:tomcat.apache.org
链接:http://tomcat.apache.org/security-5.html
来源:support.ca.com
链接:http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
来源:SECUNIA
名称:33668
链接:http://secunia.com/advisories/33668
来源:community.ca.com
链接:http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
来源:BID
名称:28481
链接:http://www.securityfocus.com/bid/28481
来源:BUGTRAQ
名称:20080108VMSA-2008-0002LowseveritysecurityupdateforVirtualCenterandESXServer3.0.2,andESX3.0.1
链接:http://www.securityfocus.com/archive/1/arc
微信扫码关注公众号
