Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2008-5515 (GCVE-0-2008-5515)
Vulnerability from cvelistv5 – Published: 2009-06-16 20:26 – Updated: 2024-08-07 10:56
VLAI
EPSS
Summary
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
50 references
Date Public
2009-06-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:56:46.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tomcat.apache.org/security-4.html"
},
{
"name": "HPSBMA02535",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2"
},
{
"name": "39317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39317"
},
{
"name": "MDVSA-2009:138",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:138"
},
{
"name": "ADV-2009-1535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1535"
},
{
"name": "FEDORA-2009-11356",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html"
},
{
"name": "DSA-2207",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2207"
},
{
"name": "JVN#63832775",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN63832775/index.html"
},
{
"name": "HPSBUX02860",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
},
{
"name": "37460",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37460"
},
{
"name": "ADV-2010-3056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3056"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"name": "35788",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35788"
},
{
"name": "SSRT100029",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2"
},
{
"name": "20090610 [SECURITY] UPDATED CVE-2008-5515 RequestDispatcher directory traversal vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504202/100/0/threaded"
},
{
"name": "APPLE-SA-2010-03-29-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "35263",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35263"
},
{
"name": "ADV-2009-1520",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1520"
},
{
"name": "44183",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44183"
},
{
"name": "ADV-2009-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1856"
},
{
"name": "20090608 [SECURITY] CVE-2008-5515 RequestDispatcher directory traversal vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504170/100/0/threaded"
},
{
"name": "MDVSA-2010:176",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176"
},
{
"name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"name": "42368",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42368"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tomcat.apache.org/security-6.html"
},
{
"name": "35393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35393"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4077"
},
{
"name": "SUSE-SR:2010:008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"name": "FEDORA-2009-11374",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html"
},
{
"name": "oval:org.mitre.oval:def:6445",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "FEDORA-2009-11352",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tomcat.apache.org/security-5.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "HPSBUX02579",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2"
},
{
"name": "SSRT101146",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
},
{
"name": "MDVSA-2009:136",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:136"
},
{
"name": "263529",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1"
},
{
"name": "SSRT100203",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:10422",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422"
},
{
"name": "oval:org.mitre.oval:def:19452",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452"
},
{
"name": "ADV-2009-3316",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-13T16:08:25.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tomcat.apache.org/security-4.html"
},
{
"name": "HPSBMA02535",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2"
},
{
"name": "39317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39317"
},
{
"name": "MDVSA-2009:138",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:138"
},
{
"name": "ADV-2009-1535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1535"
},
{
"name": "FEDORA-2009-11356",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html"
},
{
"name": "DSA-2207",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2207"
},
{
"name": "JVN#63832775",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN63832775/index.html"
},
{
"name": "HPSBUX02860",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
},
{
"name": "37460",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37460"
},
{
"name": "ADV-2010-3056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3056"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"name": "35788",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35788"
},
{
"name": "SSRT100029",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2"
},
{
"name": "20090610 [SECURITY] UPDATED CVE-2008-5515 RequestDispatcher directory traversal vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504202/100/0/threaded"
},
{
"name": "APPLE-SA-2010-03-29-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "35263",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35263"
},
{
"name": "ADV-2009-1520",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1520"
},
{
"name": "44183",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44183"
},
{
"name": "ADV-2009-1856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1856"
},
{
"name": "20090608 [SECURITY] CVE-2008-5515 RequestDispatcher directory traversal vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504170/100/0/threaded"
},
{
"name": "MDVSA-2010:176",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176"
},
{
"name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"name": "42368",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42368"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tomcat.apache.org/security-6.html"
},
{
"name": "35393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35393"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4077"
},
{
"name": "SUSE-SR:2010:008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"name": "FEDORA-2009-11374",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html"
},
{
"name": "oval:org.mitre.oval:def:6445",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "FEDORA-2009-11352",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tomcat.apache.org/security-5.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "HPSBUX02579",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2"
},
{
"name": "SSRT101146",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
},
{
"name": "MDVSA-2009:136",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:136"
},
{
"name": "263529",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1"
},
{
"name": "SSRT100203",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:10422",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422"
},
{
"name": "oval:org.mitre.oval:def:19452",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452"
},
{
"name": "ADV-2009-3316",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-5515",
"datePublished": "2009-06-16T20:26:00.000Z",
"dateReserved": "2008-12-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:56:46.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2008-5515",
"date": "2026-05-27",
"epss": "0.72859",
"percentile": "0.98797"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E300013-0CE7-4313-A553-74A6A247B3E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E08D7414-8D0C-45D6-8E87-679DF0201D55\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB15C5DB-0DBE-4DAD-ACBD-FAE23F768D01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60CFD9CA-1878-4C74-A9BD-5D581736E6B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C92F3744-C8F9-4E29-BF1A-25E03A32F2C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"084B3227-FE22-43E3-AE06-7BB257018690\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7DDA1D1-1DB2-4FD6-90A6-7DDE2FDD73F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2BFF1D5-2E34-4A01-83A7-6AA3A112A1B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D536FF4-7582-4351-ABE3-876E20F8E7FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C03E4C9-34E3-42F7-8B73-D3C595FD7EE1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB43F47F-5BF9-43A0-BF0E-451B4A8F7137\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFFFE700-AAFE-4F5B-B0E2-C3DA76DE492D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11DDD82E-5D83-4581-B2F3-F12655BBF817\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A0F0C91-171E-421D-BE86-11567DEFC7BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F22D2621-D305-43CE-B00D-9A7563B061F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A5D55E8-D3A3-4784-8AC6-CCB07E470AB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F4245BA-B05C-49DE-B2E0-1E588209ED3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8633532B-9785-4259-8840-B08529E20DCC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1D9BD7E-FCC2-404B-A057-1A10997DAFF9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F935ED72-58F4-49C1-BD9F-5473E0B9D8CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FADB75DC-8713-4F0C-9F06-30DA6F6EF6B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2EA52901-2D16-4F7E-BF5E-780B42A55D6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A79DA2C-35F3-47DE-909B-8D8D1AE111C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BF6952D-6308-4029-8B63-0BD9C648C60F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"94941F86-0BBF-4F30-8F13-FB895A11ED69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17522878-4266-432A-859D-C02096C8AC0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"951FFCD7-EAC2-41E6-A53B-F90C540327E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF1F2738-C7D6-4206-9227-43F464887FF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98EEB6F2-A721-45CF-A856-0E01B043C317\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02FDE602-A56A-477E-B704-41AF92EEBB9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5A28B11A-3BC7-41BC-8970-EE075B029F5C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4AD3E84C-9A2E-4586-A09E-CBDEB1E7F695\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.38:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EF54C08-5FF1-4D02-AA16-B13096BD566C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:4.1.39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8F3B31D-8974-4016-ACAF-E7A917C99F84\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB203AEC-2A94-48CA-A0E0-B5A8EBF028B5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E98B82A-22E5-4E6C-90AE-56F5780EA147\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"34672E90-C220-436B-9143-480941227933\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92883AFA-A02F-41A5-9977-ABEAC8AD2970\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"989A78F8-EE92-465F-8A8D-ECF0B58AFE7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F5B6627-B4A4-4E2D-B96C-CA37CCC8C804\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ACFB09F3-32D1-479C-8C39-D7329D9A6623\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D56581E2-9ECD-426A-96D8-A9D958900AD2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"717F6995-5AF0-484C-90C0-A82F25FD2E32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B0C01D5-773F-469C-9E69-170C2844AAA4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB03FDFB-4DBF-4B70-BFA3-570D1DE67695\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F5CF79C-759B-4FF9-90EE-847264059E93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"357651FD-392E-4775-BF20-37A23B3ABAE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"585B9476-6B86-4809-9B9E-26112114CB59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6145036D-4FCE-4EBE-A137-BDFA69BA54F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E437055A-0A81-413F-AB08-0E9D0DC9EA30\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9276A093-9C98-4617-9941-2276995F5848\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97C9C36C-EF7E-4D42-9749-E2FF6CE35A2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C98575E2-E39A-4A8F-B5B5-BD280B8367BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5BDA08E7-A417-44E8-9C89-EB22BEEC3B9E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCD1B6BE-CF07-4DA8-A703-4A48506C8AD6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5878E08E-2741-4798-94E9-BA8E07386B12\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"69F6BAB7-C099-4345-A632-7287AEA555B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3AAF031-D16B-4D51-9581-2D1376A5157B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51120689-F5C0-4DF1-91AA-314C40A46C58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F67477AB-85F6-421C-9C0B-C8EFB1B200CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16D0C265-2ED9-42CF-A7D6-C7FAE4246A1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:5.5.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D70CFD9-B55D-4A29-B94C-D33F3E881A8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D11D6FB7-CBDB-48C1-98CB-1B3CAA36C5D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49E3C039-A949-4F1B-892A-57147EECB249\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F28C7801-41B9-4552-BA1E-577967BCBBEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25B21085-7259-4685-9D1F-FF98E6489E10\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"635EE321-2A1F-4FF8-95BE-0C26591969D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A81B035-8598-4D2C-B45F-C6C9D4B10C2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E1096947-82A6-4EA8-A4F2-00D91E3F7DAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11951A10-39A2-4FF5-8C43-DF94730FB794\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"351E5BCF-A56B-4D91-BA3C-21A4B77D529A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B6B0504-27C1-4824-A928-A878CBBAB32D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D903956B-14F5-4177-AF12-0A5F1846D3C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81F847DC-A2F5-456C-9038-16A0E85F4C3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6B93A3A-D487-4CA1-8257-26F8FE287B8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD8802B2-57E0-4AA6-BC8E-00DE60468569\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.\"}, {\"lang\": \"es\", \"value\": \"Apache Tomcat desde v4.1.0 hasta v4.1.39, desde v5.5.0 hasta v5.5.27, desde v6.0.0 hasta v6.0.18, y posiblemente versiones anteriores que normalizan la ruta del directorio objetivo antes de filtrar la cadena de petici\\u00f3n cuando se utiliza el m\\u00e9todo RequestDispatcher, lo que permitir\\u00eda atacantes remotos evitar las restricciones de acceso previstas y que llevar\\u00eda a un salto de directorio a trav\\u00e9s de secuencias ..(punto punto) y el directorio WEB-INF en una petici\\u00f3n.\"}]",
"id": "CVE-2008-5515",
"lastModified": "2024-11-21T00:54:14.080",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2009-06-16T21:00:00.313",
"references": "[{\"url\": \"http://jvn.jp/en/jp/JVN63832775/index.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/35393\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/35685\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/35788\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/37460\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/39317\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/42368\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/44183\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://support.apple.com/kb/HT4077\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://tomcat.apache.org/security-4.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://tomcat.apache.org/security-5.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://tomcat.apache.org/security-6.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.debian.org/security/2011/dsa-2207\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2009:136\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2009:138\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:176\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/504170/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/504202/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/507985/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/35263\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2009-0016.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1520\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1535\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1856\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3316\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3056\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://jvn.jp/en/jp/JVN63832775/index.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/35393\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/35685\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/35788\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/37460\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/39317\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/42368\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/44183\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.apple.com/kb/HT4077\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://tomcat.apache.org/security-4.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://tomcat.apache.org/security-5.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://tomcat.apache.org/security-6.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.debian.org/security/2011/dsa-2207\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2009:136\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2009:138\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:176\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/504170/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/504202/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/507985/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/35263\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2009-0016.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1520\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1535\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1856\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3316\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3056\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2008-5515\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2009-06-16T21:00:00.313\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.\"},{\"lang\":\"es\",\"value\":\"Apache Tomcat desde v4.1.0 hasta v4.1.39, desde v5.5.0 hasta v5.5.27, desde v6.0.0 hasta v6.0.18, y posiblemente versiones anteriores que normalizan la ruta del directorio objetivo antes de filtrar la cadena de petici\u00f3n cuando se utiliza el m\u00e9todo RequestDispatcher, lo que permitir\u00eda atacantes remotos evitar las restricciones de acceso previstas y que llevar\u00eda a un salto de directorio a trav\u00e9s de secuencias ..(punto punto) y el directorio WEB-INF en una petici\u00f3n.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E300013-0CE7-4313-A553-74A6A247B3E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E08D7414-8D0C-45D6-8E87-679DF0201D55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB15C5DB-0DBE-4DAD-ACBD-FAE23F768D01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60CFD9CA-1878-4C74-A9BD-5D581736E6B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C92F3744-C8F9-4E29-BF1A-25E03A32F2C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"084B3227-FE22-43E3-AE06-7BB257018690\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7DDA1D1-1DB2-4FD6-90A6-7DDE2FDD73F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2BFF1D5-2E34-4A01-83A7-6AA3A112A1B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D536FF4-7582-4351-ABE3-876E20F8E7FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C03E4C9-34E3-42F7-8B73-D3C595FD7EE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB43F47F-5BF9-43A0-BF0E-451B4A8F7137\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFFFE700-AAFE-4F5B-B0E2-C3DA76DE492D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11DDD82E-5D83-4581-B2F3-F12655BBF817\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A0F0C91-171E-421D-BE86-11567DEFC7BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F22D2621-D305-43CE-B00D-9A7563B061F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A5D55E8-D3A3-4784-8AC6-CCB07E470AB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F4245BA-B05C-49DE-B2E0-1E588209ED3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8633532B-9785-4259-8840-B08529E20DCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1D9BD7E-FCC2-404B-A057-1A10997DAFF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F935ED72-58F4-49C1-BD9F-5473E0B9D8CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FADB75DC-8713-4F0C-9F06-30DA6F6EF6B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EA52901-2D16-4F7E-BF5E-780B42A55D6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A79DA2C-35F3-47DE-909B-8D8D1AE111C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BF6952D-6308-4029-8B63-0BD9C648C60F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94941F86-0BBF-4F30-8F13-FB895A11ED69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17522878-4266-432A-859D-C02096C8AC0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"951FFCD7-EAC2-41E6-A53B-F90C540327E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF1F2738-C7D6-4206-9227-43F464887FF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98EEB6F2-A721-45CF-A856-0E01B043C317\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02FDE602-A56A-477E-B704-41AF92EEBB9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A28B11A-3BC7-41BC-8970-EE075B029F5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AD3E84C-9A2E-4586-A09E-CBDEB1E7F695\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EF54C08-5FF1-4D02-AA16-B13096BD566C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:4.1.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8F3B31D-8974-4016-ACAF-E7A917C99F84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB203AEC-2A94-48CA-A0E0-B5A8EBF028B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E98B82A-22E5-4E6C-90AE-56F5780EA147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34672E90-C220-436B-9143-480941227933\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92883AFA-A02F-41A5-9977-ABEAC8AD2970\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"989A78F8-EE92-465F-8A8D-ECF0B58AFE7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F5B6627-B4A4-4E2D-B96C-CA37CCC8C804\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACFB09F3-32D1-479C-8C39-D7329D9A6623\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D56581E2-9ECD-426A-96D8-A9D958900AD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"717F6995-5AF0-484C-90C0-A82F25FD2E32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B0C01D5-773F-469C-9E69-170C2844AAA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB03FDFB-4DBF-4B70-BFA3-570D1DE67695\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F5CF79C-759B-4FF9-90EE-847264059E93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"357651FD-392E-4775-BF20-37A23B3ABAE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"585B9476-6B86-4809-9B9E-26112114CB59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6145036D-4FCE-4EBE-A137-BDFA69BA54F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E437055A-0A81-413F-AB08-0E9D0DC9EA30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9276A093-9C98-4617-9941-2276995F5848\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97C9C36C-EF7E-4D42-9749-E2FF6CE35A2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C98575E2-E39A-4A8F-B5B5-BD280B8367BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BDA08E7-A417-44E8-9C89-EB22BEEC3B9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCD1B6BE-CF07-4DA8-A703-4A48506C8AD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5878E08E-2741-4798-94E9-BA8E07386B12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69F6BAB7-C099-4345-A632-7287AEA555B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3AAF031-D16B-4D51-9581-2D1376A5157B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51120689-F5C0-4DF1-91AA-314C40A46C58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F67477AB-85F6-421C-9C0B-C8EFB1B200CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16D0C265-2ED9-42CF-A7D6-C7FAE4246A1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D70CFD9-B55D-4A29-B94C-D33F3E881A8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D11D6FB7-CBDB-48C1-98CB-1B3CAA36C5D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E3C039-A949-4F1B-892A-57147EECB249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F28C7801-41B9-4552-BA1E-577967BCBBEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B21085-7259-4685-9D1F-FF98E6489E10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"635EE321-2A1F-4FF8-95BE-0C26591969D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A81B035-8598-4D2C-B45F-C6C9D4B10C2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1096947-82A6-4EA8-A4F2-00D91E3F7DAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11951A10-39A2-4FF5-8C43-DF94730FB794\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"351E5BCF-A56B-4D91-BA3C-21A4B77D529A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B6B0504-27C1-4824-A928-A878CBBAB32D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D903956B-14F5-4177-AF12-0A5F1846D3C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F847DC-A2F5-456C-9038-16A0E85F4C3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6B93A3A-D487-4CA1-8257-26F8FE287B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD8802B2-57E0-4AA6-BC8E-00DE60468569\"}]}]}],\"references\":[{\"url\":\"http://jvn.jp/en/jp/JVN63832775/index.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/35393\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/35685\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/35788\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/37460\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/39317\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/42368\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/44183\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://support.apple.com/kb/HT4077\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://tomcat.apache.org/security-4.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-5.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-6.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2011/dsa-2207\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2009:136\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2009:138\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:176\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/504170/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/504202/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/507985/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/35263\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2009-0016.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/1520\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1535\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/1856\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/3316\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/3056\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://jvn.jp/en/jp/JVN63832775/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/35393\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/35685\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/35788\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/37460\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/39317\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/42368\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/44183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT4077\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://tomcat.apache.org/security-4.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-5.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-6.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2011/dsa-2207\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2009:136\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2009:138\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:176\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/504170/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/504202/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/507985/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/35263\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2009-0016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/1520\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1535\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/1856\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/3316\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/3056\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
FKIE_CVE-2008-5515
Vulnerability from fkie_nvd - Published: 2009-06-16 21:00 - Updated: 2026-04-23 00:35
Severity
Summary
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E300013-0CE7-4313-A553-74A6A247B3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E08D7414-8D0C-45D6-8E87-679DF0201D55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AB15C5DB-0DBE-4DAD-ACBD-FAE23F768D01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "60CFD9CA-1878-4C74-A9BD-5D581736E6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C92F3744-C8F9-4E29-BF1A-25E03A32F2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "084B3227-FE22-43E3-AE06-7BB257018690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F7DDA1D1-1DB2-4FD6-90A6-7DDE2FDD73F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D2BFF1D5-2E34-4A01-83A7-6AA3A112A1B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "6D536FF4-7582-4351-ABE3-876E20F8E7FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "1C03E4C9-34E3-42F7-8B73-D3C595FD7EE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "FB43F47F-5BF9-43A0-BF0E-451B4A8F7137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "DFFFE700-AAFE-4F5B-B0E2-C3DA76DE492D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "11DDD82E-5D83-4581-B2F3-F12655BBF817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "8A0F0C91-171E-421D-BE86-11567DEFC7BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "F22D2621-D305-43CE-B00D-9A7563B061F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5D55E8-D3A3-4784-8AC6-CCB07E470AB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "7F4245BA-B05C-49DE-B2E0-1E588209ED3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "8633532B-9785-4259-8840-B08529E20DCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*",
"matchCriteriaId": "B1D9BD7E-FCC2-404B-A057-1A10997DAFF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*",
"matchCriteriaId": "F935ED72-58F4-49C1-BD9F-5473E0B9D8CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*",
"matchCriteriaId": "FADB75DC-8713-4F0C-9F06-30DA6F6EF6B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA52901-2D16-4F7E-BF5E-780B42A55D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*",
"matchCriteriaId": "6A79DA2C-35F3-47DE-909B-8D8D1AE111C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF6952D-6308-4029-8B63-0BD9C648C60F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*",
"matchCriteriaId": "94941F86-0BBF-4F30-8F13-FB895A11ED69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*",
"matchCriteriaId": "17522878-4266-432A-859D-C02096C8AC0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*",
"matchCriteriaId": "951FFCD7-EAC2-41E6-A53B-F90C540327E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1F2738-C7D6-4206-9227-43F464887FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*",
"matchCriteriaId": "98EEB6F2-A721-45CF-A856-0E01B043C317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "02FDE602-A56A-477E-B704-41AF92EEBB9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.36:*:*:*:*:*:*:*",
"matchCriteriaId": "5A28B11A-3BC7-41BC-8970-EE075B029F5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.37:*:*:*:*:*:*:*",
"matchCriteriaId": "4AD3E84C-9A2E-4586-A09E-CBDEB1E7F695",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.38:*:*:*:*:*:*:*",
"matchCriteriaId": "6EF54C08-5FF1-4D02-AA16-B13096BD566C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.1.39:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F3B31D-8974-4016-ACAF-E7A917C99F84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB203AEC-2A94-48CA-A0E0-B5A8EBF028B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6E98B82A-22E5-4E6C-90AE-56F5780EA147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34672E90-C220-436B-9143-480941227933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "92883AFA-A02F-41A5-9977-ABEAC8AD2970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "989A78F8-EE92-465F-8A8D-ECF0B58AFE7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5B6627-B4A4-4E2D-B96C-CA37CCC8C804",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "ACFB09F3-32D1-479C-8C39-D7329D9A6623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D56581E2-9ECD-426A-96D8-A9D958900AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "717F6995-5AF0-484C-90C0-A82F25FD2E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0C01D5-773F-469C-9E69-170C2844AAA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EB03FDFB-4DBF-4B70-BFA3-570D1DE67695",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5CF79C-759B-4FF9-90EE-847264059E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "357651FD-392E-4775-BF20-37A23B3ABAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "585B9476-6B86-4809-9B9E-26112114CB59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "6145036D-4FCE-4EBE-A137-BDFA69BA54F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "E437055A-0A81-413F-AB08-0E9D0DC9EA30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9276A093-9C98-4617-9941-2276995F5848",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "97C9C36C-EF7E-4D42-9749-E2FF6CE35A2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C98575E2-E39A-4A8F-B5B5-BD280B8367BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "5BDA08E7-A417-44E8-9C89-EB22BEEC3B9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD1B6BE-CF07-4DA8-A703-4A48506C8AD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "5878E08E-2741-4798-94E9-BA8E07386B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "69F6BAB7-C099-4345-A632-7287AEA555B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "F3AAF031-D16B-4D51-9581-2D1376A5157B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "51120689-F5C0-4DF1-91AA-314C40A46C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*",
"matchCriteriaId": "F67477AB-85F6-421C-9C0B-C8EFB1B200CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*",
"matchCriteriaId": "16D0C265-2ED9-42CF-A7D6-C7FAE4246A1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:5.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "5D70CFD9-B55D-4A29-B94C-D33F3E881A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D11D6FB7-CBDB-48C1-98CB-1B3CAA36C5D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49E3C039-A949-4F1B-892A-57147EECB249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F28C7801-41B9-4552-BA1E-577967BCBBEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "25B21085-7259-4685-9D1F-FF98E6489E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "635EE321-2A1F-4FF8-95BE-0C26591969D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9A81B035-8598-4D2C-B45F-C6C9D4B10C2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E1096947-82A6-4EA8-A4F2-00D91E3F7DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11951A10-39A2-4FF5-8C43-DF94730FB794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "351E5BCF-A56B-4D91-BA3C-21A4B77D529A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6B0504-27C1-4824-A928-A878CBBAB32D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "D903956B-14F5-4177-AF12-0A5F1846D3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "81F847DC-A2F5-456C-9038-16A0E85F4C3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C6B93A3A-D487-4CA1-8257-26F8FE287B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "BD8802B2-57E0-4AA6-BC8E-00DE60468569",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request."
},
{
"lang": "es",
"value": "Apache Tomcat desde v4.1.0 hasta v4.1.39, desde v5.5.0 hasta v5.5.27, desde v6.0.0 hasta v6.0.18, y posiblemente versiones anteriores que normalizan la ruta del directorio objetivo antes de filtrar la cadena de petici\u00f3n cuando se utiliza el m\u00e9todo RequestDispatcher, lo que permitir\u00eda atacantes remotos evitar las restricciones de acceso previstas y que llevar\u00eda a un salto de directorio a trav\u00e9s de secuencias ..(punto punto) y el directorio WEB-INF en una petici\u00f3n."
}
],
"id": "CVE-2008-5515",
"lastModified": "2026-04-23T00:35:47.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-06-16T21:00:00.313",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://jvn.jp/en/jp/JVN63832775/index.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/35393"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/35685"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/35788"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/37460"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/39317"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/42368"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/44183"
},
{
"source": "secalert@redhat.com",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT4077"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-4.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-5.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-6.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2011/dsa-2207"
},
{
"source": "secalert@redhat.com",
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:136"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:138"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/504170/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/504202/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/35263"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1520"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2009/1535"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2009/1856"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2010/3056"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://jvn.jp/en/jp/JVN63832775/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/39317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/44183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-4.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-5.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/504170/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/504202/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/35263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1520"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/3056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-9737-QMGC-HFR9
Vulnerability from github – Published: 2022-05-14 01:17 – Updated: 2024-02-21 19:56
VLAI
Summary
Directory Traversal in Apache Tomcat
Details
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
Severity
5.3 (Medium)
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "4.1.0"
},
{
"fixed": "4.1.40"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "5.5.0"
},
{
"fixed": "5.5.28"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0"
},
{
"fixed": "6.0.20"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2008-5515"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2022-06-09T23:48:28Z",
"nvd_published_at": "2009-06-16T21:00:00Z",
"severity": "MODERATE"
},
"details": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.",
"id": "GHSA-9737-qmgc-hfr9",
"modified": "2024-02-21T19:56:16Z",
"published": "2022-05-14T01:17:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5515"
},
{
"type": "WEB",
"url": "https://github.com/apache/tomcat/commit/6b61911f94d6d8d49ee933c5f1882a7e7c336d2c"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/tomcat"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10422"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:19452"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:6445"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html"
},
{
"type": "WEB",
"url": "http://jvn.jp/en/jp/JVN63832775/index.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT4077"
},
{
"type": "WEB",
"url": "http://tomcat.apache.org/security-4.html"
},
{
"type": "WEB",
"url": "http://tomcat.apache.org/security-5.html"
},
{
"type": "WEB",
"url": "http://tomcat.apache.org/security-6.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2011/dsa-2207"
},
{
"type": "WEB",
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:136"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:138"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176"
},
{
"type": "WEB",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Directory Traversal in Apache Tomcat"
}
GSD-2008-5515
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2008-5515",
"description": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.",
"id": "GSD-2008-5515",
"references": [
"https://www.suse.com/security/cve/CVE-2008-5515.html",
"https://www.debian.org/security/2011/dsa-2207",
"https://access.redhat.com/errata/RHSA-2010:0602",
"https://access.redhat.com/errata/RHSA-2009:1617",
"https://access.redhat.com/errata/RHSA-2009:1616",
"https://access.redhat.com/errata/RHSA-2009:1563",
"https://access.redhat.com/errata/RHSA-2009:1562",
"https://access.redhat.com/errata/RHSA-2009:1506",
"https://access.redhat.com/errata/RHSA-2009:1454",
"https://access.redhat.com/errata/RHSA-2009:1164",
"https://access.redhat.com/errata/RHSA-2009:1146",
"https://access.redhat.com/errata/RHSA-2009:1145",
"https://access.redhat.com/errata/RHSA-2009:1144",
"https://access.redhat.com/errata/RHSA-2009:1143",
"https://linux.oracle.com/cve/CVE-2008-5515.html",
"https://packetstormsecurity.com/files/cve/CVE-2008-5515"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2008-5515"
],
"details": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.",
"id": "GSD-2008-5515",
"modified": "2023-12-13T01:23:04.404618Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-5515",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html",
"refsource": "MISC",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2",
"refsource": "MISC",
"url": "http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2"
},
{
"name": "http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2",
"refsource": "MISC",
"url": "http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2"
},
{
"name": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2",
"refsource": "MISC",
"url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
},
{
"name": "http://secunia.com/advisories/35685",
"refsource": "MISC",
"url": "http://secunia.com/advisories/35685"
},
{
"name": "http://secunia.com/advisories/35788",
"refsource": "MISC",
"url": "http://secunia.com/advisories/35788"
},
{
"name": "http://secunia.com/advisories/37460",
"refsource": "MISC",
"url": "http://secunia.com/advisories/37460"
},
{
"name": "http://secunia.com/advisories/42368",
"refsource": "MISC",
"url": "http://secunia.com/advisories/42368"
},
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1",
"refsource": "MISC",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1"
},
{
"name": "http://support.apple.com/kb/HT4077",
"refsource": "MISC",
"url": "http://support.apple.com/kb/HT4077"
},
{
"name": "http://tomcat.apache.org/security-4.html",
"refsource": "MISC",
"url": "http://tomcat.apache.org/security-4.html"
},
{
"name": "http://tomcat.apache.org/security-5.html",
"refsource": "MISC",
"url": "http://tomcat.apache.org/security-5.html"
},
{
"name": "http://tomcat.apache.org/security-6.html",
"refsource": "MISC",
"url": "http://tomcat.apache.org/security-6.html"
},
{
"name": "http://www.debian.org/security/2011/dsa-2207",
"refsource": "MISC",
"url": "http://www.debian.org/security/2011/dsa-2207"
},
{
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:136",
"refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:136"
},
{
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:138",
"refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:138"
},
{
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176",
"refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176"
},
{
"name": "http://www.securityfocus.com/archive/1/507985/100/0/threaded",
"refsource": "MISC",
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"refsource": "MISC",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"name": "http://www.vupen.com/english/advisories/2009/1856",
"refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2009/1856"
},
{
"name": "http://www.vupen.com/english/advisories/2009/3316",
"refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"name": "http://www.vupen.com/english/advisories/2010/3056",
"refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2010/3056"
},
{
"name": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html",
"refsource": "MISC",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html"
},
{
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html",
"refsource": "MISC",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html"
},
{
"name": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html",
"refsource": "MISC",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html"
},
{
"name": "http://secunia.com/advisories/35393",
"refsource": "MISC",
"url": "http://secunia.com/advisories/35393"
},
{
"name": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html",
"refsource": "MISC",
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html"
},
{
"name": "http://www.vupen.com/english/advisories/2009/1535",
"refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2009/1535"
},
{
"name": "http://jvn.jp/en/jp/JVN63832775/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/en/jp/JVN63832775/index.html"
},
{
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"name": "http://secunia.com/advisories/39317",
"refsource": "MISC",
"url": "http://secunia.com/advisories/39317"
},
{
"name": "http://secunia.com/advisories/44183",
"refsource": "MISC",
"url": "http://secunia.com/advisories/44183"
},
{
"name": "http://www.securityfocus.com/archive/1/504170/100/0/threaded",
"refsource": "MISC",
"url": "http://www.securityfocus.com/archive/1/504170/100/0/threaded"
},
{
"name": "http://www.securityfocus.com/archive/1/504202/100/0/threaded",
"refsource": "MISC",
"url": "http://www.securityfocus.com/archive/1/504202/100/0/threaded"
},
{
"name": "http://www.securityfocus.com/bid/35263",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/35263"
},
{
"name": "http://www.vupen.com/english/advisories/2009/1520",
"refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2009/1520"
},
{
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422",
"refsource": "MISC",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422"
},
{
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452",
"refsource": "MISC",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452"
},
{
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445",
"refsource": "MISC",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "[4.1.0,4.1.40),[5.5.0,5.5.28),[6.0.0,6.0.19)",
"affected_versions": "All versions starting from 4.1.0 before 4.1.40, all versions starting from 5.5.0 before 5.5.28, all versions starting from 6.0.0 before 6.0.19",
"cvss_v2": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-22",
"CWE-937"
],
"date": "2022-06-09",
"description": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.",
"fixed_versions": [
"4.1.40",
"5.5.28",
"6.0.20"
],
"identifier": "CVE-2008-5515",
"identifiers": [
"GHSA-9737-qmgc-hfr9",
"CVE-2008-5515"
],
"not_impacted": "All versions before 4.1.0, all versions starting from 4.1.40 before 5.5.0, all versions starting from 5.5.28 before 6.0.0, all versions starting from 6.0.19",
"package_slug": "maven/org.apache.tomcat/tomcat",
"pubdate": "2022-05-14",
"solution": "Upgrade to versions 4.1.40, 5.5.28, 6.0.20 or above.",
"title": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2008-5515",
"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445",
"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html",
"http://jvn.jp/en/jp/JVN63832775/index.html",
"http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2",
"http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2",
"http://support.apple.com/kb/HT4077",
"http://tomcat.apache.org/security-4.html",
"http://tomcat.apache.org/security-5.html",
"http://tomcat.apache.org/security-6.html",
"http://www.debian.org/security/2011/dsa-2207",
"http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"https://github.com/advisories/GHSA-9737-qmgc-hfr9"
],
"uuid": "6ab8cf4e-9a8f-4443-a935-b6070c894c1d"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-5515"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1520",
"refsource": "VUPEN",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1520"
},
{
"name": "35263",
"refsource": "BID",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/35263"
},
{
"name": "http://tomcat.apache.org/security-5.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-5.html"
},
{
"name": "http://tomcat.apache.org/security-4.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-4.html"
},
{
"name": "JVN#63832775",
"refsource": "JVN",
"tags": [
"Patch"
],
"url": "http://jvn.jp/en/jp/JVN63832775/index.html"
},
{
"name": "http://tomcat.apache.org/security-6.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-6.html"
},
{
"name": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html"
},
{
"name": "35393",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/35393"
},
{
"name": "ADV-2009-1535",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2009/1535"
},
{
"name": "MDVSA-2009:138",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:138"
},
{
"name": "MDVSA-2009:136",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:136"
},
{
"name": "SUSE-SR:2009:012",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "35685",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1856",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2009/1856"
},
{
"name": "263529",
"refsource": "SUNALERT",
"tags": [],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1"
},
{
"name": "35788",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/35788"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"name": "37460",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/37460"
},
{
"name": "FEDORA-2009-11374",
"refsource": "FEDORA",
"tags": [],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html"
},
{
"name": "FEDORA-2009-11356",
"refsource": "FEDORA",
"tags": [],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html"
},
{
"name": "FEDORA-2009-11352",
"refsource": "FEDORA",
"tags": [],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html"
},
{
"name": "ADV-2009-3316",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"name": "APPLE-SA-2010-03-29-1",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "http://support.apple.com/kb/HT4077",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.apple.com/kb/HT4077"
},
{
"name": "SUSE-SR:2010:008",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"name": "39317",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/39317"
},
{
"name": "MDVSA-2010:176",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176"
},
{
"name": "HPSBUX02579",
"refsource": "HP",
"tags": [],
"url": "http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2"
},
{
"name": "ADV-2010-3056",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2010/3056"
},
{
"name": "42368",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/42368"
},
{
"name": "44183",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/44183"
},
{
"name": "DSA-2207",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2011/dsa-2207"
},
{
"name": "HPSBUX02860",
"refsource": "HP",
"tags": [],
"url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
},
{
"name": "HPSBMA02535",
"refsource": "HP",
"tags": [],
"url": "http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:6445",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445"
},
{
"name": "oval:org.mitre.oval:def:19452",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452"
},
{
"name": "oval:org.mitre.oval:def:10422",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422"
},
{
"name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"name": "20090610 [SECURITY] UPDATED CVE-2008-5515 RequestDispatcher directory traversal vulnerability",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/504202/100/0/threaded"
},
{
"name": "20090608 [SECURITY] CVE-2008-5515 RequestDispatcher directory traversal vulnerability",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/504170/100/0/threaded"
},
{
"name": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E",
"refsource": "MISC",
"tags": [],
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E",
"refsource": "MISC",
"tags": [],
"url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E",
"refsource": "MISC",
"tags": [],
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E",
"refsource": "MISC",
"tags": [],
"url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E",
"refsource": "MISC",
"tags": [],
"url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E",
"refsource": "MISC",
"tags": [],
"url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E",
"refsource": "MISC",
"tags": [],
"url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2023-02-13T02:19Z",
"publishedDate": "2009-06-16T21:00Z"
}
}
}
JVNDB-2009-000036
Vulnerability from jvndb - Published: 2009-06-18 17:53 - Updated:2012-09-28 13:35Summary
Apache Tomcat information disclosure vulnerability
Details
Apache Tomcat from The Apache Software Foundation contains an information disclosure vulnerability.
Apache Tomcat from the Apache Software Foundation is an implementation of the Java Servlet and JavaServer Page (JSP) technologies.
Apache Tomcat contains a vulnerability which may allow information disclosure or access to the contents contained in the WEB-INF directory.
According to the developer, unsupported Apache Tomcat 3.x, 4.0.x, and 5.0.x may also be affected.
For more information, refer to the developer's website.
Minehiko Iida and Yuichiro Suzuki of Development Dept. II Application Management Middleware Div. FUJITSU LIMITED reported this vulnerability to IPA. JPCERT/CC coordinated with The Apache Software Foundation and the vendors under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000036.html",
"dc:date": "2012-09-28T13:35+09:00",
"dcterms:issued": "2009-06-18T17:53+09:00",
"dcterms:modified": "2012-09-28T13:35+09:00",
"description": "Apache Tomcat from The Apache Software Foundation contains an information disclosure vulnerability.\r\n\r\nApache Tomcat from the Apache Software Foundation is an implementation of the Java Servlet and JavaServer Page (JSP) technologies.\r\nApache Tomcat contains a vulnerability which may allow information disclosure or access to the contents contained in the WEB-INF directory.\r\n\r\nAccording to the developer, unsupported Apache Tomcat 3.x, 4.0.x, and 5.0.x may also be affected.\r\nFor more information, refer to the developer\u0027s website.\r\n\r\nMinehiko Iida and Yuichiro Suzuki of Development Dept. II Application Management Middleware Div. FUJITSU LIMITED reported this vulnerability to IPA. JPCERT/CC coordinated with The Apache Software Foundation and the vendors under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000036.html",
"sec:cpe": [
{
"#text": "cpe:/a:apache:tomcat",
"@product": "Apache Tomcat",
"@vendor": "Apache Software Foundation",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_application_framework_suite",
"@product": "Interstage Application Framework Suite",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_application_server",
"@product": "Interstage Application Server",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_apworks",
"@product": "Interstage Apworks",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_business_application_server",
"@product": "Interstage Business Application Server",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_job_workload_server",
"@product": "Interstage Job Workload Server",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_studio",
"@product": "Interstage Studio",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_web_server",
"@product": "Interstage Web Server",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:hp:tomcat-based_servlet_engine",
"@product": "HP-UX Tomcat-based Servlet Engine",
"@vendor": "Hewlett-Packard Development Company,L.P",
"@version": "2.2"
},
{
"#text": "cpe:/a:nec:infoframe_documentskipper",
"@product": "InfoFrame DocumentSkipper",
"@vendor": "NEC Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:nec:mcone",
"@product": "MCOne",
"@vendor": "NEC Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:nec:websam_securemaster",
"@product": "WebSAM SECUREMASTER",
"@vendor": "NEC Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:vmware:esx",
"@product": "VMware ESX",
"@vendor": "VMware",
"@version": "2.2"
},
{
"#text": "cpe:/a:vmware:server",
"@product": "VMware Server",
"@vendor": "VMware",
"@version": "2.2"
},
{
"#text": "cpe:/a:vmware:vcenter",
"@product": "VMware vCenter",
"@vendor": "VMware",
"@version": "2.2"
},
{
"#text": "cpe:/a:vmware:virtualcenter",
"@product": "VMware VirtualCenter",
"@vendor": "VMware",
"@version": "2.2"
},
{
"#text": "cpe:/o:apple:mac_os_x_server",
"@product": "Apple Mac OS X Server",
"@vendor": "Apple Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/o:hp:hp-ux",
"@product": "HP-UX",
"@vendor": "Hewlett-Packard Development Company,L.P",
"@version": "2.2"
},
{
"#text": "cpe:/o:misc:miraclelinux_asianux_server",
"@product": "Asianux Server",
"@vendor": "Cybertrust Japan Co., Ltd.",
"@version": "2.2"
},
{
"#text": "cpe:/o:redhat:enterprise_linux",
"@product": "Red Hat Enterprise Linux",
"@vendor": "Red Hat, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/o:redhat:enterprise_linux_desktop",
"@product": "Red Hat Enterprise Linux Desktop",
"@vendor": "Red Hat, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/o:redhat:enterprise_linux_eus",
"@product": "Red Hat Enterprise Linux EUS",
"@vendor": "Red Hat, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/o:redhat:rhel_desktop_workstation",
"@product": "RHEL Desktop Workstation",
"@vendor": "Red Hat, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/o:sun:opensolaris",
"@product": "OpenSolaris",
"@vendor": "Sun Microsystems, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/o:sun:solaris",
"@product": "Sun Solaris",
"@vendor": "Sun Microsystems, Inc.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2009-000036",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN63832775/index.html",
"@id": "JVN#63832775",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515",
"@id": "CVE-2008-5515",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5515",
"@id": "CVE-2008-5515",
"@source": "NVD"
},
{
"#text": "http://www.securityfocus.com/bid/35263",
"@id": "35263",
"@source": "BID"
},
{
"#text": "http://www.vupen.com/english/advisories/2009/1520",
"@id": "VUPEN/ADV-2009-1520",
"@source": "VUPEN"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-200",
"@title": "Information Exposure(CWE-200)"
}
],
"title": "Apache Tomcat information disclosure vulnerability"
}
RHSA-2009:1143
Vulnerability from csaf_redhat - Published: 2009-07-06 11:42 - Updated: 2025-11-21 17:34Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0.CP07 update
Severity
Important
Notes
Topic: Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages that fix
various issues are now available for Red Hat Enterprise Linux 5 as JBEAP
4.2.0.CP07.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details: JBoss Enterprise Application Platform is the market leading platform for
innovative and scalable Java applications; integrating the JBoss
Application Server, with JBoss Hibernate and JBoss Seam into a complete,
simple enterprise solution.
This release of JBEAP for Red Hat Enterprise Linux 5 serves as a
replacement to JBEAP 4.2.0.CP06.
These updated packages include bug fixes and enhancements which are
detailed in the release notes. The link to the release notes is available
below in the References section of this errata.
The following security issues are also fixed with this release:
It was discovered that request dispatchers did not properly normalize user
requests that have trailing query strings, allowing remote attackers to
send specially-crafted requests that would cause an information leak.
(CVE-2008-5515)
It was discovered that the error checking methods of certain authentication
classes did not have sufficient error checking, allowing remote attackers
to enumerate (via brute force methods) usernames registered with
applications deployed on JBossWeb when FORM-based authentication was used.
(CVE-2009-0580)
It was discovered that web applications containing their own XML parsers
could replace the XML parser JBossWeb uses to parse configuration files. A
malicious web application running on a JBossWeb instance could read or,
potentially, modify the configuration and XML-based data of other web
applications deployed on the same JBossWeb instance. (CVE-2009-0783)
Warning: before applying this update, please back up the JBEAP
"server/[configuration]/deploy/" directory, and any other customized
configuration files.
All users of JBEAP 4.2 on Red Hat Enterprise Linux 5 are advised to upgrade
to these updated packages.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
Affected products
Fixed
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.
5.0 ()
Affected products
Fixed
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
1.5 ()
Affected products
Fixed
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
20 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2009:1143 | self |
| http://www.redhat.com/docs/en-US/JBoss_Enterprise… | external |
| http://www.redhat.com/security/updates/classifica… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=499600 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=503978 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=504153 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=504753 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2008-5515 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=504753 | external |
| https://www.cve.org/CVERecord?id=CVE-2008-5515 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2008-5515 | external |
| https://access.redhat.com/security/cve/CVE-2009-0580 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=503978 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0580 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0580 | external |
| https://access.redhat.com/security/cve/CVE-2009-0783 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=504153 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0783 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0783 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages that fix\nvarious issues are now available for Red Hat Enterprise Linux 5 as JBEAP\n4.2.0.CP07.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "JBoss Enterprise Application Platform is the market leading platform for\ninnovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a complete,\nsimple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 5 serves as a\nreplacement to JBEAP 4.2.0.CP06.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is available\nbelow in the References section of this errata.\n\nThe following security issues are also fixed with this release:\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications deployed on JBossWeb when FORM-based authentication was used.\n(CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser JBossWeb uses to parse configuration files. A\nmalicious web application running on a JBossWeb instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same JBossWeb instance. (CVE-2009-0783)\n\nWarning: before applying this update, please back up the JBEAP\n\"server/[configuration]/deploy/\" directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.2 on Red Hat Enterprise Linux 5 are advised to upgrade\nto these updated packages.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1143",
"url": "https://access.redhat.com/errata/RHSA-2009:1143"
},
{
"category": "external",
"summary": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp07/html-single/Release_Notes/index.html",
"url": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp07/html-single/Release_Notes/index.html"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#important",
"url": "http://www.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "499600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=499600"
},
{
"category": "external",
"summary": "503978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=503978"
},
{
"category": "external",
"summary": "504153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504153"
},
{
"category": "external",
"summary": "504753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504753"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1143.json"
}
],
"title": "Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0.CP07 update",
"tracking": {
"current_release_date": "2025-11-21T17:34:50+00:00",
"generator": {
"date": "2025-11-21T17:34:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2009:1143",
"initial_release_date": "2009-07-06T11:42:00+00:00",
"revision_history": [
{
"date": "2009-07-06T11:42:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-07-06T07:42:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:34:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"product": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"product_id": "jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-slide-webdavclient@2.1-9.2.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"product": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"product_id": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-cache@1.4.1-6.SP13.1.ep1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jgroups-1:2.4.6-1.ep1.el5.src",
"product": {
"name": "jgroups-1:2.4.6-1.ep1.el5.src",
"product_id": "jgroups-1:2.4.6-1.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@2.4.6-1.ep1.el5?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"product": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"product_id": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP05.1jpp.ep1.1.el5?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"product": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"product_id": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP11.0jpp.ep1.1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"product": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"product_id": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting-0:2.2.3-2.ep1.el5.src",
"product": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el5.src",
"product_id": "jboss-remoting-0:2.2.3-2.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-2.ep1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"product": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"product_id": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-commons-annotations@3.0.0-1jpp.ep1.5.2.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"product": {
"name": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"product_id": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.10.1GA_CP01.ep1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"product": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"product_id": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.4.1.ep1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"product": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"product_id": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-validator@3.0.0-1jpp.ep1.8.3.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src",
"product": {
"name": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src",
"product_id": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-eap-docs@4.2.0-5.GA_CP07.ep1.1.1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-seam-0:1.2.1-1.ep1.13.el5.src",
"product": {
"name": "jboss-seam-0:1.2.1-1.ep1.13.el5.src",
"product_id": "jboss-seam-0:1.2.1-1.ep1.13.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.13.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src",
"product": {
"name": "jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src",
"product_id": "jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas@4.2.0-4.GA_CP07.5.1.ep1.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"product": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"product_id": "jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-slide-webdavclient@2.1-9.2.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"product": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"product_id": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-cache@1.4.1-6.SP13.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jgroups-1:2.4.6-1.ep1.el5.noarch",
"product": {
"name": "jgroups-1:2.4.6-1.ep1.el5.noarch",
"product_id": "jgroups-1:2.4.6-1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@2.4.6-1.ep1.el5?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"product": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"product_id": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP05.1jpp.ep1.1.el5?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"product": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"product_id": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP11.0jpp.ep1.1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"product": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"product_id": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"product": {
"name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"product_id": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-javadoc@3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"product": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"product_id": "jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-2.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"product": {
"name": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"product_id": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-commons-annotations-javadoc@3.0.0-1jpp.ep1.5.2.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"product": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"product_id": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-commons-annotations@3.0.0-1jpp.ep1.5.2.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"product": {
"name": "hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"product_id": "hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-annotations-javadoc@3.3.1-1.10.1GA_CP01.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"product": {
"name": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"product_id": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.10.1GA_CP01.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"product": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"product_id": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.4.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"product": {
"name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"product_id": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-entitymanager-javadoc@3.3.2-2.4.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"product": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"product_id": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-validator@3.0.0-1jpp.ep1.8.3.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"product": {
"name": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"product_id": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-validator-javadoc@3.0.0-1jpp.ep1.8.3.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"product": {
"name": "rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"product_id": "rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-eap-docs-examples@4.2.0-5.GA_CP07.ep1.1.1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"product": {
"name": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"product_id": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-eap-docs@4.2.0-5.GA_CP07.ep1.1.1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch",
"product": {
"name": "jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch",
"product_id": "jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-seam-docs@1.2.1-1.ep1.13.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-seam-0:1.2.1-1.ep1.13.el5.noarch",
"product": {
"name": "jboss-seam-0:1.2.1-1.ep1.13.el5.noarch",
"product_id": "jboss-seam-0:1.2.1-1.ep1.13.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.13.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"product": {
"name": "jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"product_id": "jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas@4.2.0-4.GA_CP07.5.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"product": {
"name": "jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"product_id": "jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-client@4.2.0-4.GA_CP07.5.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"product": {
"name": "jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"product_id": "jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-4.2.0.GA_CP07-bin@4.2.0-4.GA_CP07.5.1.ep1.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch"
},
"product_reference": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src"
},
"product_reference": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch"
},
"product_reference": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src"
},
"product_reference": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch"
},
"product_reference": "hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch"
},
"product_reference": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src"
},
"product_reference": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch"
},
"product_reference": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch"
},
"product_reference": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src"
},
"product_reference": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch"
},
"product_reference": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch"
},
"product_reference": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch"
},
"product_reference": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src"
},
"product_reference": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch"
},
"product_reference": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch"
},
"product_reference": "jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src"
},
"product_reference": "jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch"
},
"product_reference": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src"
},
"product_reference": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch"
},
"product_reference": "jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.src"
},
"product_reference": "jboss-remoting-0:2.2.3-2.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-0:1.2.1-1.ep1.13.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.noarch"
},
"product_reference": "jboss-seam-0:1.2.1-1.ep1.13.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-0:1.2.1-1.ep1.13.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.src"
},
"product_reference": "jboss-seam-0:1.2.1-1.ep1.13.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch"
},
"product_reference": "jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch"
},
"product_reference": "jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src"
},
"product_reference": "jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch"
},
"product_reference": "jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch"
},
"product_reference": "jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch"
},
"product_reference": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src"
},
"product_reference": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch"
},
"product_reference": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src"
},
"product_reference": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:2.4.6-1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.noarch"
},
"product_reference": "jgroups-1:2.4.6-1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:2.4.6-1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.src"
},
"product_reference": "jgroups-1:2.4.6-1.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch"
},
"product_reference": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src"
},
"product_reference": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch"
},
"product_reference": "rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.2.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-5515",
"discovery_date": "2009-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "504753"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat request dispatcher information disclosure vulnerability",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5515"
},
{
"category": "external",
"summary": "RHBZ#504753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504753"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5515",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5515"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5515",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5515"
}
],
"release_date": "2009-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-06T11:42:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1143"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat request dispatcher information disclosure vulnerability"
},
{
"cve": "CVE-2009-0580",
"discovery_date": "2009-06-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "503978"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat6 Information disclosure in authentication classes",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0580"
},
{
"category": "external",
"summary": "RHBZ#503978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=503978"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0580",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0580"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0580",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0580"
}
],
"release_date": "2009-06-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-06T11:42:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1143"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat6 Information disclosure in authentication classes"
},
{
"cve": "CVE-2009-0783",
"discovery_date": "2009-06-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "504153"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat XML parser information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0783"
},
{
"category": "external",
"summary": "RHBZ#504153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0783",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0783"
}
],
"release_date": "2009-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-06T11:42:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1143"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 1.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.2.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.2.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.13.el5.src",
"5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.13.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP07.5.1.ep1.el5.src",
"5Server-JBEAP-4.2.0:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossas-client-0:4.2.0-4.GA_CP07.5.1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.2.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch",
"5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.1.el5.src",
"5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.1.el5.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat XML parser information disclosure"
}
]
}
RHSA-2009:1144
Vulnerability from csaf_redhat - Published: 2009-07-06 11:42 - Updated: 2025-11-21 17:34Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0.CP07 update
Severity
Important
Notes
Topic: Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages that fix
various issues are now available for Red Hat Enterprise Linux 4 as JBEAP
4.2.0.CP07.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details: JBoss Enterprise Application Platform is the market leading platform for
innovative and scalable Java applications; integrating the JBoss
Application Server, with JBoss Hibernate and JBoss Seam into a complete,
simple enterprise solution.
This release of JBEAP for Red Hat Enterprise Linux 4 serves as a
replacement to JBEAP 4.2.0.CP06.
These updated packages include bug fixes and enhancements which are
detailed in the release notes. The link to the release notes is available
below in the References section of this errata.
The following security issues are also fixed with this release:
It was discovered that request dispatchers did not properly normalize user
requests that have trailing query strings, allowing remote attackers to
send specially-crafted requests that would cause an information leak.
(CVE-2008-5515)
It was discovered that the error checking methods of certain authentication
classes did not have sufficient error checking, allowing remote attackers
to enumerate (via brute force methods) usernames registered with
applications deployed on JBossWeb when FORM-based authentication was used.
(CVE-2009-0580)
It was discovered that web applications containing their own XML parsers
could replace the XML parser JBossWeb uses to parse configuration files. A
malicious web application running on a JBossWeb instance could read or,
potentially, modify the configuration and XML-based data of other web
applications deployed on the same JBossWeb instance. (CVE-2009-0783)
Warning: before applying this update, please back up the JBEAP
"server/[configuration]/deploy/" directory, and any other customized
configuration files.
All users of JBEAP 4.2 on Red Hat Enterprise Linux 4 are advised to upgrade
to these updated packages.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
Affected products
Fixed
82 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
Threats
Impact
Important
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.
5.0 ()
Affected products
Fixed
82 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
1.5 ()
Affected products
Fixed
82 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
20 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2009:1144 | self |
| https://access.redhat.com/security/updates/classi… | external |
| http://www.redhat.com/docs/en-US/JBoss_Enterprise… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=499605 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=503978 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=504153 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=504753 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2008-5515 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=504753 | external |
| https://www.cve.org/CVERecord?id=CVE-2008-5515 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2008-5515 | external |
| https://access.redhat.com/security/cve/CVE-2009-0580 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=503978 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0580 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0580 | external |
| https://access.redhat.com/security/cve/CVE-2009-0783 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=504153 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0783 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0783 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages that fix\nvarious issues are now available for Red Hat Enterprise Linux 4 as JBEAP\n4.2.0.CP07.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "JBoss Enterprise Application Platform is the market leading platform for\ninnovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a complete,\nsimple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 4 serves as a\nreplacement to JBEAP 4.2.0.CP06.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is available\nbelow in the References section of this errata.\n\nThe following security issues are also fixed with this release:\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications deployed on JBossWeb when FORM-based authentication was used.\n(CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser JBossWeb uses to parse configuration files. A\nmalicious web application running on a JBossWeb instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same JBossWeb instance. (CVE-2009-0783)\n\nWarning: before applying this update, please back up the JBEAP\n\"server/[configuration]/deploy/\" directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.2 on Red Hat Enterprise Linux 4 are advised to upgrade\nto these updated packages.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1144",
"url": "https://access.redhat.com/errata/RHSA-2009:1144"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp07/html-single/Release_Notes/index.html",
"url": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp07/html-single/Release_Notes/index.html"
},
{
"category": "external",
"summary": "499605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=499605"
},
{
"category": "external",
"summary": "503978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=503978"
},
{
"category": "external",
"summary": "504153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504153"
},
{
"category": "external",
"summary": "504753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504753"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1144.json"
}
],
"title": "Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0.CP07 update",
"tracking": {
"current_release_date": "2025-11-21T17:34:53+00:00",
"generator": {
"date": "2025-11-21T17:34:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2009:1144",
"initial_release_date": "2009-07-06T11:42:00+00:00",
"revision_history": [
{
"date": "2009-07-06T11:42:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-07-06T07:42:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:34:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0::el4"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0::el4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"product": {
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"product_id": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hsqldb@1.8.0.8-2.patch02.1jpp.ep1.2.el4?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jgroups-1:2.4.6-1.ep1.el4.src",
"product": {
"name": "jgroups-1:2.4.6-1.ep1.el4.src",
"product_id": "jgroups-1:2.4.6-1.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@2.4.6-1.ep1.el4?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"product": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"product_id": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-cache@1.4.1-6.SP13.1.ep1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"product": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"product_id": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP05.1jpp.ep1.1.el4?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"product": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"product_id": "jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-slide-webdavclient@2.1-9.2.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"product": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"product_id": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP08.0jpp.ep1.2.el4?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"product": {
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"product_id": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xerces-j2@2.7.1-9jpp.ep1.2.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.src",
"product": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.src",
"product_id": "jboss-remoting-0:2.2.3-2.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-2.ep1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"product": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"product_id": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-commons-annotations@3.0.0-1jpp.ep1.5.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"product": {
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"product_id": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.10.GA_CP01.ep1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"product": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"product_id": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.4.ep1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"product": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"product_id": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-validator@3.0.0-1jpp.ep1.8.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"product": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"product_id": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP11.0jpp.ep1.1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"product": {
"name": "jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"product_id": "jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.19.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"product": {
"name": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"product_id": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-eap-docs@4.2.0-5.GA_CP07.ep1.1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"product": {
"name": "jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"product_id": "jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas@4.2.0-4.GA_CP07.5.ep1.el4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"product": {
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"product_id": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hsqldb@1.8.0.8-2.patch02.1jpp.ep1.2.el4?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jgroups-1:2.4.6-1.ep1.el4.noarch",
"product": {
"name": "jgroups-1:2.4.6-1.ep1.el4.noarch",
"product_id": "jgroups-1:2.4.6-1.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@2.4.6-1.ep1.el4?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"product": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"product_id": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-cache@1.4.1-6.SP13.1.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"product": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"product_id": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP05.1jpp.ep1.1.el4?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"product": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"product_id": "jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-slide-webdavclient@2.1-9.2.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"product": {
"name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"product_id": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-javadoc@3.2.4-1.SP1_CP08.0jpp.ep1.2.el4?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"product": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"product_id": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP08.0jpp.ep1.2.el4?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"product": {
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"product_id": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xerces-j2@2.7.1-9jpp.ep1.2.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"product": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"product_id": "jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-2.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"product": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"product_id": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-commons-annotations@3.0.0-1jpp.ep1.5.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"product": {
"name": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"product_id": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-commons-annotations-javadoc@3.0.0-1jpp.ep1.5.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"product": {
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"product_id": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.10.GA_CP01.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"product": {
"name": "hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"product_id": "hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-annotations-javadoc@3.3.1-1.10.GA_CP01.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"product": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"product_id": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.4.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"product": {
"name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"product_id": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-entitymanager-javadoc@3.3.2-2.4.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"product": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"product_id": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-validator@3.0.0-1jpp.ep1.8.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"product": {
"name": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"product_id": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-validator-javadoc@3.0.0-1jpp.ep1.8.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"product": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"product_id": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP11.0jpp.ep1.1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"product": {
"name": "jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"product_id": "jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-seam-docs@1.2.1-1.ep1.19.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"product": {
"name": "jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"product_id": "jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.19.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"product": {
"name": "rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"product_id": "rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-eap-docs-examples@4.2.0-5.GA_CP07.ep1.1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"product": {
"name": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"product_id": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-eap-docs@4.2.0-5.GA_CP07.ep1.1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"product": {
"name": "jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"product_id": "jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-client@4.2.0-4.GA_CP07.5.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"product": {
"name": "jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"product_id": "jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-4.2.0.GA_CP07-bin@4.2.0-4.GA_CP07.5.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"product": {
"name": "jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"product_id": "jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas@4.2.0-4.GA_CP07.5.ep1.el4?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch"
},
"product_reference": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src"
},
"product_reference": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch"
},
"product_reference": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src"
},
"product_reference": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch"
},
"product_reference": "hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch"
},
"product_reference": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src"
},
"product_reference": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch"
},
"product_reference": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch"
},
"product_reference": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src"
},
"product_reference": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch"
},
"product_reference": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch"
},
"product_reference": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch"
},
"product_reference": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src"
},
"product_reference": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch"
},
"product_reference": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch"
},
"product_reference": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src"
},
"product_reference": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch"
},
"product_reference": "jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src"
},
"product_reference": "jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch"
},
"product_reference": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src"
},
"product_reference": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch"
},
"product_reference": "jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src"
},
"product_reference": "jboss-remoting-0:2.2.3-2.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-0:1.2.1-1.ep1.19.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch"
},
"product_reference": "jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-0:1.2.1-1.ep1.19.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src"
},
"product_reference": "jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch"
},
"product_reference": "jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch"
},
"product_reference": "jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src"
},
"product_reference": "jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch"
},
"product_reference": "jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch"
},
"product_reference": "jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch"
},
"product_reference": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src"
},
"product_reference": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch"
},
"product_reference": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src"
},
"product_reference": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:2.4.6-1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch"
},
"product_reference": "jgroups-1:2.4.6-1.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:2.4.6-1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src"
},
"product_reference": "jgroups-1:2.4.6-1.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch"
},
"product_reference": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src"
},
"product_reference": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch"
},
"product_reference": "rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch"
},
"product_reference": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
},
"product_reference": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"relates_to_product_reference": "4AS-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch"
},
"product_reference": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src"
},
"product_reference": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch"
},
"product_reference": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src"
},
"product_reference": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch"
},
"product_reference": "hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch"
},
"product_reference": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src"
},
"product_reference": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch"
},
"product_reference": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch"
},
"product_reference": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src"
},
"product_reference": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch"
},
"product_reference": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch"
},
"product_reference": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch"
},
"product_reference": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src"
},
"product_reference": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch"
},
"product_reference": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch"
},
"product_reference": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src"
},
"product_reference": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch"
},
"product_reference": "jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src"
},
"product_reference": "jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch"
},
"product_reference": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src"
},
"product_reference": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch"
},
"product_reference": "jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src"
},
"product_reference": "jboss-remoting-0:2.2.3-2.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-0:1.2.1-1.ep1.19.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch"
},
"product_reference": "jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-0:1.2.1-1.ep1.19.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src"
},
"product_reference": "jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch"
},
"product_reference": "jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch"
},
"product_reference": "jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src"
},
"product_reference": "jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch"
},
"product_reference": "jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch"
},
"product_reference": "jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch"
},
"product_reference": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src"
},
"product_reference": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch"
},
"product_reference": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src"
},
"product_reference": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:2.4.6-1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch"
},
"product_reference": "jgroups-1:2.4.6-1.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:2.4.6-1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src"
},
"product_reference": "jgroups-1:2.4.6-1.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch"
},
"product_reference": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src"
},
"product_reference": "rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch"
},
"product_reference": "rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch"
},
"product_reference": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
},
"product_reference": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"relates_to_product_reference": "4ES-JBEAP"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-5515",
"discovery_date": "2009-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "504753"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat request dispatcher information disclosure vulnerability",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4AS-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4ES-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5515"
},
{
"category": "external",
"summary": "RHBZ#504753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504753"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5515",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5515"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5515",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5515"
}
],
"release_date": "2009-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-06T11:42:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4AS-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4ES-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1144"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat request dispatcher information disclosure vulnerability"
},
{
"cve": "CVE-2009-0580",
"discovery_date": "2009-06-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "503978"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat6 Information disclosure in authentication classes",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4AS-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4ES-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0580"
},
{
"category": "external",
"summary": "RHBZ#503978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=503978"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0580",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0580"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0580",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0580"
}
],
"release_date": "2009-06-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-06T11:42:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4AS-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4ES-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1144"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4AS-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4ES-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat6 Information disclosure in authentication classes"
},
{
"cve": "CVE-2009-0783",
"discovery_date": "2009-06-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "504153"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat XML parser information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4AS-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4ES-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0783"
},
{
"category": "external",
"summary": "RHBZ#504153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0783",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0783"
}
],
"release_date": "2009-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-06T11:42:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4AS-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4ES-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1144"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 1.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4AS-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.19.el4.src",
"4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.19.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-0:4.2.0-4.GA_CP07.5.ep1.el4.src",
"4ES-JBEAP:jbossas-4.2.0.GA_CP07-bin-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossas-client-0:4.2.0-4.GA_CP07.5.ep1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:rh-eap-docs-0:4.2.0-5.GA_CP07.ep1.1.el4.src",
"4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-5.GA_CP07.ep1.1.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat XML parser information disclosure"
}
]
}
RHSA-2009:1145
Vulnerability from csaf_redhat - Published: 2009-07-06 11:41 - Updated: 2025-11-21 17:34Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 4.3.0.CP05 update
Severity
Important
Notes
Topic: Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages that fix
various issues are now available for Red Hat Enterprise Linux 5 as JBEAP
4.3.0.CP05.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details: JBoss Enterprise Application Platform is the market leading platform for
innovative and scalable Java applications; integrating the JBoss
Application Server, with JBoss Hibernate and JBoss Seam into a complete,
simple enterprise solution.
This release of JBEAP for Red Hat Enterprise Linux 5 serves as a
replacement to JBEAP 4.3.0.CP04.
These updated packages include bug fixes and enhancements which are
detailed in the release notes. The link to the release notes is available
below in the References section of this errata.
The following security issues are also fixed with this release:
It was discovered that request dispatchers did not properly normalize user
requests that have trailing query strings, allowing remote attackers to
send specially-crafted requests that would cause an information leak.
(CVE-2008-5515)
It was discovered that the error checking methods of certain authentication
classes did not have sufficient error checking, allowing remote attackers
to enumerate (via brute force methods) usernames registered with
applications deployed on JBossWeb when FORM-based authentication was used.
(CVE-2009-0580)
It was discovered that web applications containing their own XML parsers
could replace the XML parser JBossWeb uses to parse configuration files. A
malicious web application running on a JBossWeb instance could read or,
potentially, modify the configuration and XML-based data of other web
applications deployed on the same JBossWeb instance. (CVE-2009-0783)
Warning: before applying this update, please back up the JBEAP
"server/[configuration]/deploy/" directory, and any other customized
configuration files.
All users of JBEAP 4.3 on Red Hat Enterprise Linux 5 are advised to upgrade
to these updated packages.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
Affected products
Fixed
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.
5.0 ()
Affected products
Fixed
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
1.5 ()
Affected products
Fixed
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
20 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2009:1145 | self |
| http://www.redhat.com/security/updates/classifica… | external |
| http://www.redhat.com/docs/en-US/JBoss_Enterprise… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=499602 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=503978 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=504153 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=504753 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2008-5515 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=504753 | external |
| https://www.cve.org/CVERecord?id=CVE-2008-5515 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2008-5515 | external |
| https://access.redhat.com/security/cve/CVE-2009-0580 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=503978 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0580 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0580 | external |
| https://access.redhat.com/security/cve/CVE-2009-0783 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=504153 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0783 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0783 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages that fix\nvarious issues are now available for Red Hat Enterprise Linux 5 as JBEAP\n4.3.0.CP05.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "JBoss Enterprise Application Platform is the market leading platform for\ninnovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a complete,\nsimple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 5 serves as a\nreplacement to JBEAP 4.3.0.CP04.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is available\nbelow in the References section of this errata.\n\nThe following security issues are also fixed with this release:\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications deployed on JBossWeb when FORM-based authentication was used.\n(CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser JBossWeb uses to parse configuration files. A\nmalicious web application running on a JBossWeb instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same JBossWeb instance. (CVE-2009-0783)\n\nWarning: before applying this update, please back up the JBEAP\n\"server/[configuration]/deploy/\" directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.3 on Red Hat Enterprise Linux 5 are advised to upgrade\nto these updated packages.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1145",
"url": "https://access.redhat.com/errata/RHSA-2009:1145"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#important",
"url": "http://www.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.3.0.cp05/html-single/Release_Notes/index.html",
"url": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.3.0.cp05/html-single/Release_Notes/index.html"
},
{
"category": "external",
"summary": "499602",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=499602"
},
{
"category": "external",
"summary": "503978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=503978"
},
{
"category": "external",
"summary": "504153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504153"
},
{
"category": "external",
"summary": "504753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504753"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1145.json"
}
],
"title": "Red Hat Security Advisory: JBoss Enterprise Application Platform 4.3.0.CP05 update",
"tracking": {
"current_release_date": "2025-11-21T17:34:51+00:00",
"generator": {
"date": "2025-11-21T17:34:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2009:1145",
"initial_release_date": "2009-07-06T11:41:00+00:00",
"revision_history": [
{
"date": "2009-07-06T11:41:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-07-06T07:41:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:34:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"product": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"product_id": "jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-slide-webdavclient@2.1-9.2.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src",
"product": {
"name": "glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src",
"product_id": "glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb@2.1.4-1.11.1.ep1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"product": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"product_id": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-cache@1.4.1-6.SP13.1.ep1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src",
"product": {
"name": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src",
"product_id": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-spi@1.0.0-1.GA_CP02.1.ep1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jgroups-1:2.4.6-1.ep1.el5.src",
"product": {
"name": "jgroups-1:2.4.6-1.ep1.el5.src",
"product_id": "jgroups-1:2.4.6-1.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@2.4.6-1.ep1.el5?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src",
"product": {
"name": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src",
"product_id": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-common@1.0.0-2.GA_CP04.1.ep1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src",
"product": {
"name": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src",
"product_id": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-framework@2.0.1-1.GA_CP04.2.ep1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"product": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"product_id": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP05.1jpp.ep1.1.el5?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"product": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"product_id": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP11.0jpp.ep1.1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src",
"product": {
"name": "jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src",
"product_id": "jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws@2.0.1-3.SP2_CP06.3.1.ep1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src",
"product": {
"name": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src",
"product_id": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-messaging@1.4.0-2.SP3_CP08.1.ep1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"product": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"product_id": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting-0:2.2.3-2.ep1.el5.src",
"product": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el5.src",
"product_id": "jboss-remoting-0:2.2.3-2.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-2.ep1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"product": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"product_id": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-commons-annotations@3.0.0-1jpp.ep1.5.2.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"product": {
"name": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"product_id": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.10.1GA_CP01.ep1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"product": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"product_id": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.4.1.ep1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"product": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"product_id": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-validator@3.0.0-1jpp.ep1.8.3.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src",
"product": {
"name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src",
"product_id": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-seam@1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src",
"product": {
"name": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src",
"product_id": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-eap-docs@4.3.0-5.GA_CP05.ep1.2.1.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src",
"product": {
"name": "jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src",
"product_id": "jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas@4.3.0-4.GA_CP05.6.1.ep1.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"product": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"product_id": "jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-slide-webdavclient@2.1-9.2.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch",
"product": {
"name": "glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch",
"product_id": "glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-javadoc@2.1.4-1.11.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch",
"product": {
"name": "glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch",
"product_id": "glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb@2.1.4-1.11.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"product": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"product_id": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-cache@1.4.1-6.SP13.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch",
"product": {
"name": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch",
"product_id": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-spi@1.0.0-1.GA_CP02.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jgroups-1:2.4.6-1.ep1.el5.noarch",
"product": {
"name": "jgroups-1:2.4.6-1.ep1.el5.noarch",
"product_id": "jgroups-1:2.4.6-1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@2.4.6-1.ep1.el5?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch",
"product": {
"name": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch",
"product_id": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-common@1.0.0-2.GA_CP04.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch",
"product": {
"name": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch",
"product_id": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-framework@2.0.1-1.GA_CP04.2.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"product": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"product_id": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP05.1jpp.ep1.1.el5?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"product": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"product_id": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP11.0jpp.ep1.1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"product": {
"name": "jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"product_id": "jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws@2.0.1-3.SP2_CP06.3.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"product": {
"name": "jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"product_id": "jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-native42@2.0.1-3.SP2_CP06.3.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch",
"product": {
"name": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch",
"product_id": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-messaging@1.4.0-2.SP3_CP08.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"product": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"product_id": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"product": {
"name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"product_id": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-javadoc@3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"product": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"product_id": "jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-2.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"product": {
"name": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"product_id": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-commons-annotations-javadoc@3.0.0-1jpp.ep1.5.2.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"product": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"product_id": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-commons-annotations@3.0.0-1jpp.ep1.5.2.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"product": {
"name": "hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"product_id": "hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-annotations-javadoc@3.3.1-1.10.1GA_CP01.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"product": {
"name": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"product_id": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.10.1GA_CP01.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"product": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"product_id": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.4.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"product": {
"name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"product_id": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-entitymanager-javadoc@3.3.2-2.4.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"product": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"product_id": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-validator@3.0.0-1jpp.ep1.8.3.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"product": {
"name": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"product_id": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-validator-javadoc@3.0.0-1jpp.ep1.8.3.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"product": {
"name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"product_id": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-seam@1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"product": {
"name": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"product_id": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-seam-docs@1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"product": {
"name": "rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"product_id": "rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-eap-docs-examples@4.3.0-5.GA_CP05.ep1.2.1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"product": {
"name": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"product_id": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-eap-docs@4.3.0-5.GA_CP05.ep1.2.1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"product": {
"name": "jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"product_id": "jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas@4.3.0-4.GA_CP05.6.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"product": {
"name": "jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"product_id": "jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-client@4.3.0-4.GA_CP05.6.1.ep1.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"product": {
"name": "jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"product_id": "jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-4.3.0.GA_CP05-bin@4.3.0-4.GA_CP05.6.1.ep1.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch"
},
"product_reference": "glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src"
},
"product_reference": "glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch"
},
"product_reference": "glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch"
},
"product_reference": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src"
},
"product_reference": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch"
},
"product_reference": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src"
},
"product_reference": "hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch"
},
"product_reference": "hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch"
},
"product_reference": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src"
},
"product_reference": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch"
},
"product_reference": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch"
},
"product_reference": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src"
},
"product_reference": "hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch"
},
"product_reference": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch"
},
"product_reference": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch"
},
"product_reference": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src"
},
"product_reference": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch"
},
"product_reference": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch"
},
"product_reference": "jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src"
},
"product_reference": "jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch"
},
"product_reference": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src"
},
"product_reference": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch"
},
"product_reference": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src"
},
"product_reference": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch"
},
"product_reference": "jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.src"
},
"product_reference": "jboss-remoting-0:2.2.3-2.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch"
},
"product_reference": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src"
},
"product_reference": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch"
},
"product_reference": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch"
},
"product_reference": "jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src"
},
"product_reference": "jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch"
},
"product_reference": "jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch"
},
"product_reference": "jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch"
},
"product_reference": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src"
},
"product_reference": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch"
},
"product_reference": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src"
},
"product_reference": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch"
},
"product_reference": "jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src"
},
"product_reference": "jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch"
},
"product_reference": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src"
},
"product_reference": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch"
},
"product_reference": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src"
},
"product_reference": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch"
},
"product_reference": "jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch"
},
"product_reference": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src"
},
"product_reference": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:2.4.6-1.ep1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.noarch"
},
"product_reference": "jgroups-1:2.4.6-1.ep1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:2.4.6-1.ep1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.src"
},
"product_reference": "jgroups-1:2.4.6-1.ep1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch"
},
"product_reference": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src"
},
"product_reference": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
"product_id": "5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch"
},
"product_reference": "rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-4.3.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-5515",
"discovery_date": "2009-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "504753"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat request dispatcher information disclosure vulnerability",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src",
"5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5515"
},
{
"category": "external",
"summary": "RHBZ#504753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504753"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5515",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5515"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5515",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5515"
}
],
"release_date": "2009-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-06T11:41:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src",
"5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1145"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat request dispatcher information disclosure vulnerability"
},
{
"cve": "CVE-2009-0580",
"discovery_date": "2009-06-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "503978"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat6 Information disclosure in authentication classes",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src",
"5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0580"
},
{
"category": "external",
"summary": "RHBZ#503978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=503978"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0580",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0580"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0580",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0580"
}
],
"release_date": "2009-06-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-06T11:41:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src",
"5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1145"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src",
"5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat6 Information disclosure in authentication classes"
},
{
"cve": "CVE-2009-0783",
"discovery_date": "2009-06-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "504153"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat XML parser information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src",
"5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0783"
},
{
"category": "external",
"summary": "RHBZ#504153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0783",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0783"
}
],
"release_date": "2009-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-06T11:41:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src",
"5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1145"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 1.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.1GA_CP01.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.1GA_CP01.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.2.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.2.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.3.el5.src",
"5Server-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.3.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.noarch",
"5Server-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el5.src",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.src",
"5Server-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.11.el5.1.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el5.src",
"5Server-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el5.src",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.noarch",
"5Server-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch",
"5Server-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.1.el5.src",
"5Server-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.1.el5.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat XML parser information disclosure"
}
]
}
RHSA-2009:1146
Vulnerability from csaf_redhat - Published: 2009-07-06 11:41 - Updated: 2025-11-21 17:34Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 4.3.0.CP05 update
Severity
Important
Notes
Topic: Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages that fix
various issues are now available for Red Hat Enterprise Linux 4 as JBEAP
4.3.0.CP05.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details: JBoss Enterprise Application Platform is the market leading platform for
innovative and scalable Java applications; integrating the JBoss
Application Server, with JBoss Hibernate and JBoss Seam into a complete,
simple enterprise solution.
This release of JBEAP for Red Hat Enterprise Linux 4 serves as a
replacement to JBEAP 4.3.0.CP04.
These updated packages include bug fixes and enhancements which are
detailed in the release notes. The link to the release notes is available
below in the References section of this errata.
The following security issues are also fixed with this release:
It was discovered that request dispatchers did not properly normalize user
requests that have trailing query strings, allowing remote attackers to
send specially-crafted requests that would cause an information leak.
(CVE-2008-5515)
It was discovered that the error checking methods of certain authentication
classes did not have sufficient error checking, allowing remote attackers
to enumerate (via brute force methods) usernames registered with
applications deployed on JBossWeb when FORM-based authentication was used.
(CVE-2009-0580)
It was discovered that web applications containing their own XML parsers
could replace the XML parser JBossWeb uses to parse configuration files. A
malicious web application running on a JBossWeb instance could read or,
potentially, modify the configuration and XML-based data of other web
applications deployed on the same JBossWeb instance. (CVE-2009-0783)
Warning: before applying this update, please back up the JBEAP
"server/[configuration]/deploy/" directory, and any other customized
configuration files.
All users of JBEAP 4.3 on Red Hat Enterprise Linux 4 are advised to upgrade
to these updated packages.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
Affected products
Fixed
110 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
Threats
Impact
Important
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.
5.0 ()
Affected products
Fixed
110 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
1.5 ()
Affected products
Fixed
110 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
20 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2009:1146 | self |
| http://www.redhat.com/docs/en-US/JBoss_Enterprise… | external |
| http://www.redhat.com/security/updates/classifica… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=499608 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=503978 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=504153 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=504753 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2008-5515 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=504753 | external |
| https://www.cve.org/CVERecord?id=CVE-2008-5515 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2008-5515 | external |
| https://access.redhat.com/security/cve/CVE-2009-0580 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=503978 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0580 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0580 | external |
| https://access.redhat.com/security/cve/CVE-2009-0783 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=504153 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0783 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0783 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages that fix\nvarious issues are now available for Red Hat Enterprise Linux 4 as JBEAP\n4.3.0.CP05.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "JBoss Enterprise Application Platform is the market leading platform for\ninnovative and scalable Java applications; integrating the JBoss\nApplication Server, with JBoss Hibernate and JBoss Seam into a complete,\nsimple enterprise solution.\n\nThis release of JBEAP for Red Hat Enterprise Linux 4 serves as a\nreplacement to JBEAP 4.3.0.CP04.\n\nThese updated packages include bug fixes and enhancements which are\ndetailed in the release notes. The link to the release notes is available\nbelow in the References section of this errata.\n\nThe following security issues are also fixed with this release:\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications deployed on JBossWeb when FORM-based authentication was used.\n(CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser JBossWeb uses to parse configuration files. A\nmalicious web application running on a JBossWeb instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same JBossWeb instance. (CVE-2009-0783)\n\nWarning: before applying this update, please back up the JBEAP\n\"server/[configuration]/deploy/\" directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP 4.3 on Red Hat Enterprise Linux 4 are advised to upgrade\nto these updated packages.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1146",
"url": "https://access.redhat.com/errata/RHSA-2009:1146"
},
{
"category": "external",
"summary": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.3.0.cp05/html-single/Release_Notes/index.html",
"url": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.3.0.cp05/html-single/Release_Notes/index.html"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#important",
"url": "http://www.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "499608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=499608"
},
{
"category": "external",
"summary": "503978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=503978"
},
{
"category": "external",
"summary": "504153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504153"
},
{
"category": "external",
"summary": "504753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504753"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1146.json"
}
],
"title": "Red Hat Security Advisory: JBoss Enterprise Application Platform 4.3.0.CP05 update",
"tracking": {
"current_release_date": "2025-11-21T17:34:51+00:00",
"generator": {
"date": "2025-11-21T17:34:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2009:1146",
"initial_release_date": "2009-07-06T11:41:00+00:00",
"revision_history": [
{
"date": "2009-07-06T11:41:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-07-06T07:41:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:34:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0::el4"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0::el4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"product": {
"name": "glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"product_id": "glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-javadoc@2.1.4-1.11.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"product": {
"name": "glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"product_id": "glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb@2.1.4-1.11.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"product": {
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"product_id": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hsqldb@1.8.0.8-2.patch02.1jpp.ep1.2.el4?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"product": {
"name": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"product_id": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-spi@1.0.0-1.GA_CP02.1.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jgroups-1:2.4.6-1.ep1.el4.noarch",
"product": {
"name": "jgroups-1:2.4.6-1.ep1.el4.noarch",
"product_id": "jgroups-1:2.4.6-1.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@2.4.6-1.ep1.el4?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"product": {
"name": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"product_id": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-common@1.0.0-2.GA_CP04.1.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"product": {
"name": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"product_id": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-framework@2.0.1-1.GA_CP04.2.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"product": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"product_id": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-cache@1.4.1-6.SP13.1.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"product": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"product_id": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP05.1jpp.ep1.1.el4?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"product": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"product_id": "jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-slide-webdavclient@2.1-9.2.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"product": {
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"product_id": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xerces-j2@2.7.1-9jpp.ep1.2.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"product": {
"name": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"product_id": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-messaging@1.4.0-2.SP3_CP08.1.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"product": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"product_id": "jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-2.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"product": {
"name": "jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"product_id": "jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-native42@2.0.1-3.SP2_CP06.3.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"product": {
"name": "jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"product_id": "jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws@2.0.1-3.SP2_CP06.3.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"product": {
"name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"product_id": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-javadoc@3.2.4-1.SP1_CP08.0jpp.ep1.2.el4?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"product": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"product_id": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP08.0jpp.ep1.2.el4?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"product": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"product_id": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-commons-annotations@3.0.0-1jpp.ep1.5.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"product": {
"name": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"product_id": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-commons-annotations-javadoc@3.0.0-1jpp.ep1.5.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"product": {
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"product_id": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.10.GA_CP01.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"product": {
"name": "hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"product_id": "hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-annotations-javadoc@3.3.1-1.10.GA_CP01.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"product": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"product_id": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.4.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"product": {
"name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"product_id": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-entitymanager-javadoc@3.3.2-2.4.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"product": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"product_id": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-validator@3.0.0-1jpp.ep1.8.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"product": {
"name": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"product_id": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-validator-javadoc@3.0.0-1jpp.ep1.8.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"product": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"product_id": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP11.0jpp.ep1.1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"product": {
"name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"product_id": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-seam@1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"product": {
"name": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"product_id": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-seam-docs@1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"product": {
"name": "rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"product_id": "rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-eap-docs-examples@4.3.0-5.GA_CP05.ep1.2.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"product": {
"name": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"product_id": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-eap-docs@4.3.0-5.GA_CP05.ep1.2.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"product": {
"name": "jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"product_id": "jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-4.3.0.GA_CP05-bin@4.3.0-4.GA_CP05.6.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"product": {
"name": "jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"product_id": "jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-client@4.3.0-4.GA_CP05.6.ep1.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"product": {
"name": "jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"product_id": "jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas@4.3.0-4.GA_CP05.6.ep1.el4?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"product": {
"name": "glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"product_id": "glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb@2.1.4-1.11.ep1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"product": {
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"product_id": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hsqldb@1.8.0.8-2.patch02.1jpp.ep1.2.el4?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"product": {
"name": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"product_id": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-spi@1.0.0-1.GA_CP02.1.ep1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "jgroups-1:2.4.6-1.ep1.el4.src",
"product": {
"name": "jgroups-1:2.4.6-1.ep1.el4.src",
"product_id": "jgroups-1:2.4.6-1.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@2.4.6-1.ep1.el4?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"product": {
"name": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"product_id": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-common@1.0.0-2.GA_CP04.1.ep1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"product": {
"name": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"product_id": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws-framework@2.0.1-1.GA_CP04.2.ep1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"product": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"product_id": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-cache@1.4.1-6.SP13.1.ep1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"product": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"product_id": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.2.3-1.SP5_CP05.1jpp.ep1.1.el4?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"product": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"product_id": "jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-slide-webdavclient@2.1-9.2.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"product": {
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"product_id": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xerces-j2@2.7.1-9jpp.ep1.2.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"product": {
"name": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"product_id": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-messaging@1.4.0-2.SP3_CP08.1.ep1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.src",
"product": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.src",
"product_id": "jboss-remoting-0:2.2.3-2.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting@2.2.3-2.ep1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"product": {
"name": "jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"product_id": "jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossws@2.0.1-3.SP2_CP06.3.ep1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"product": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"product_id": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP08.0jpp.ep1.2.el4?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"product": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"product_id": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-commons-annotations@3.0.0-1jpp.ep1.5.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"product": {
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"product_id": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-annotations@3.3.1-1.10.GA_CP01.ep1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"product": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"product_id": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.3.2-2.4.ep1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"product": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"product_id": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate3-validator@3.0.0-1jpp.ep1.8.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"product": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"product_id": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@2.0.0-6.CP11.0jpp.ep1.1.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"product": {
"name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"product_id": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-seam@1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"product": {
"name": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"product_id": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-eap-docs@4.3.0-5.GA_CP05.ep1.2.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"product": {
"name": "jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"product_id": "jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas@4.3.0-4.GA_CP05.6.ep1.el4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch"
},
"product_reference": "glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src"
},
"product_reference": "glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch"
},
"product_reference": "glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch"
},
"product_reference": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src"
},
"product_reference": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch"
},
"product_reference": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src"
},
"product_reference": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch"
},
"product_reference": "hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch"
},
"product_reference": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src"
},
"product_reference": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch"
},
"product_reference": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch"
},
"product_reference": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src"
},
"product_reference": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch"
},
"product_reference": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch"
},
"product_reference": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch"
},
"product_reference": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src"
},
"product_reference": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch"
},
"product_reference": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch"
},
"product_reference": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src"
},
"product_reference": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch"
},
"product_reference": "jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src"
},
"product_reference": "jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch"
},
"product_reference": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src"
},
"product_reference": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch"
},
"product_reference": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src"
},
"product_reference": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch"
},
"product_reference": "jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src"
},
"product_reference": "jboss-remoting-0:2.2.3-2.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch"
},
"product_reference": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src"
},
"product_reference": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch"
},
"product_reference": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch"
},
"product_reference": "jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src"
},
"product_reference": "jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch"
},
"product_reference": "jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch"
},
"product_reference": "jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch"
},
"product_reference": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src"
},
"product_reference": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch"
},
"product_reference": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src"
},
"product_reference": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch"
},
"product_reference": "jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src"
},
"product_reference": "jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch"
},
"product_reference": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src"
},
"product_reference": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch"
},
"product_reference": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src"
},
"product_reference": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch"
},
"product_reference": "jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch"
},
"product_reference": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src"
},
"product_reference": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:2.4.6-1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch"
},
"product_reference": "jgroups-1:2.4.6-1.ep1.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:2.4.6-1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src"
},
"product_reference": "jgroups-1:2.4.6-1.ep1.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch"
},
"product_reference": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src"
},
"product_reference": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch"
},
"product_reference": "rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch"
},
"product_reference": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
"product_id": "4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
},
"product_reference": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"relates_to_product_reference": "4AS-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch"
},
"product_reference": "glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src"
},
"product_reference": "glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch"
},
"product_reference": "glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch"
},
"product_reference": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src"
},
"product_reference": "hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch"
},
"product_reference": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src"
},
"product_reference": "hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch"
},
"product_reference": "hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch"
},
"product_reference": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src"
},
"product_reference": "hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch"
},
"product_reference": "hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch"
},
"product_reference": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src"
},
"product_reference": "hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch"
},
"product_reference": "hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch"
},
"product_reference": "hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch"
},
"product_reference": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src"
},
"product_reference": "hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch"
},
"product_reference": "hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch"
},
"product_reference": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src"
},
"product_reference": "hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch"
},
"product_reference": "jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-slide-webdavclient-0:2.1-9.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src"
},
"product_reference": "jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch"
},
"product_reference": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src"
},
"product_reference": "jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch"
},
"product_reference": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src"
},
"product_reference": "jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch"
},
"product_reference": "jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting-0:2.2.3-2.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src"
},
"product_reference": "jboss-remoting-0:2.2.3-2.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch"
},
"product_reference": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src"
},
"product_reference": "jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch"
},
"product_reference": "jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch"
},
"product_reference": "jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src"
},
"product_reference": "jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch"
},
"product_reference": "jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch"
},
"product_reference": "jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch"
},
"product_reference": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src"
},
"product_reference": "jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch"
},
"product_reference": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src"
},
"product_reference": "jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch"
},
"product_reference": "jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src"
},
"product_reference": "jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch"
},
"product_reference": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src"
},
"product_reference": "jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch"
},
"product_reference": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src"
},
"product_reference": "jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch"
},
"product_reference": "jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch"
},
"product_reference": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src"
},
"product_reference": "jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:2.4.6-1.ep1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch"
},
"product_reference": "jgroups-1:2.4.6-1.ep1.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:2.4.6-1.ep1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src"
},
"product_reference": "jgroups-1:2.4.6-1.ep1.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch"
},
"product_reference": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src"
},
"product_reference": "rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch"
},
"product_reference": "rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch"
},
"product_reference": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
"product_id": "4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
},
"product_reference": "xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"relates_to_product_reference": "4ES-JBEAP-4.3.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-5515",
"discovery_date": "2009-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "504753"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat request dispatcher information disclosure vulnerability",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5515"
},
{
"category": "external",
"summary": "RHBZ#504753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504753"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5515",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5515"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5515",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5515"
}
],
"release_date": "2009-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-06T11:41:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1146"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat request dispatcher information disclosure vulnerability"
},
{
"cve": "CVE-2009-0580",
"discovery_date": "2009-06-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "503978"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat6 Information disclosure in authentication classes",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0580"
},
{
"category": "external",
"summary": "RHBZ#503978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=503978"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0580",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0580"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0580",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0580"
}
],
"release_date": "2009-06-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-06T11:41:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1146"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat6 Information disclosure in authentication classes"
},
{
"cve": "CVE-2009-0783",
"discovery_date": "2009-06-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "504153"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat XML parser information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0783"
},
{
"category": "external",
"summary": "RHBZ#504153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0783",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0783"
}
],
"release_date": "2009-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-06T11:41:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1146"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 1.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4AS-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4AS-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4AS-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4AS-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4AS-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4AS-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4AS-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4AS-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:glassfish-jaxb-0:2.1.4-1.11.ep1.el4.src",
"4ES-JBEAP-4.3.0:glassfish-jaxb-javadoc-0:2.1.4-1.11.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-annotations-0:3.3.1-1.10.GA_CP01.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-annotations-javadoc-0:3.3.1-1.10.GA_CP01.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-0:3.0.0-1jpp.ep1.5.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-commons-annotations-javadoc-0:3.0.0-1jpp.ep1.5.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-0:3.3.2-2.4.ep1.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-entitymanager-javadoc-0:3.3.2-2.4.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-javadoc-1:3.2.4-1.SP1_CP08.0jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hibernate3-validator-0:3.0.0-1jpp.ep1.8.el4.src",
"4ES-JBEAP-4.3.0:hibernate3-validator-javadoc-0:3.0.0-1jpp.ep1.8.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:hsqldb-1:1.8.0.8-2.patch02.1jpp.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.noarch",
"4ES-JBEAP-4.3.0:jakarta-slide-webdavclient-0:2.1-9.2.el4.src",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-cache-0:1.4.1-6.SP13.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-messaging-0:1.4.0-2.SP3_CP08.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-remoting-0:2.2.3-2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.src",
"4ES-JBEAP-4.3.0:jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.15.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-0:4.3.0-4.GA_CP05.6.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossas-4.3.0.GA_CP05-bin-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossas-client-0:4.3.0-4.GA_CP05.6.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossts-1:4.2.3-1.SP5_CP05.1jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossweb-0:2.0.0-6.CP11.0jpp.ep1.1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-0:2.0.1-3.SP2_CP06.3.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-common-0:1.0.0-2.GA_CP04.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-framework-0:2.0.1-1.GA_CP04.2.ep1.el4.src",
"4ES-JBEAP-4.3.0:jbossws-native42-0:2.0.1-3.SP2_CP06.3.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jbossws-spi-0:1.0.0-1.GA_CP02.1.ep1.el4.src",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.noarch",
"4ES-JBEAP-4.3.0:jgroups-1:2.4.6-1.ep1.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:rh-eap-docs-0:4.3.0-5.GA_CP05.ep1.2.el4.src",
"4ES-JBEAP-4.3.0:rh-eap-docs-examples-0:4.3.0-5.GA_CP05.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.noarch",
"4ES-JBEAP-4.3.0:xerces-j2-0:2.7.1-9jpp.ep1.2.el4.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat XML parser information disclosure"
}
]
}
RHSA-2009:1164
Vulnerability from csaf_redhat - Published: 2009-07-21 20:50 - Updated: 2025-11-21 17:34Summary
Red Hat Security Advisory: tomcat security update
Severity
Important
Notes
Topic: Updated tomcat packages that fix several security issues are now available
for Red Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details: Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
It was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not
address all possible flaws in the way Tomcat handles certain characters and
character sequences in cookie values. A remote attacker could use this flaw
to obtain sensitive information, such as session IDs, and then use this
information for session hijacking attacks. (CVE-2007-5333)
Note: The fix for the CVE-2007-5333 flaw changes the default cookie
processing behavior: with this update, version 0 cookies that contain
values that must be quoted to be valid are automatically changed to version
1 cookies. To reactivate the previous, but insecure behavior, add the
following entry to the "/etc/tomcat5/catalina.properties" file:
org.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false
It was discovered that request dispatchers did not properly normalize user
requests that have trailing query strings, allowing remote attackers to
send specially-crafted requests that would cause an information leak.
(CVE-2008-5515)
A flaw was found in the way the Tomcat AJP (Apache JServ Protocol)
connector processes AJP connections. An attacker could use this flaw to
send specially-crafted requests that would cause a temporary denial of
service. (CVE-2009-0033)
It was discovered that the error checking methods of certain authentication
classes did not have sufficient error checking, allowing remote attackers
to enumerate (via brute force methods) usernames registered with
applications running on Tomcat when FORM-based authentication was used.
(CVE-2009-0580)
A cross-site scripting (XSS) flaw was found in the examples calendar
application. With some web browsers, remote attackers could use this flaw
to inject arbitrary web script or HTML via the "time" parameter.
(CVE-2009-0781)
It was discovered that web applications containing their own XML parsers
could replace the XML parser Tomcat uses to parse configuration files. A
malicious web application running on a Tomcat instance could read or,
potentially, modify the configuration and XML-based data of other web
applications deployed on the same Tomcat instance. (CVE-2009-0783)
Users of Tomcat should upgrade to these updated packages, which contain
backported patches to resolve these issues. Tomcat must be restarted for
this update to take effect.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.
Affected products
Fixed
189 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
Affected products
Fixed
189 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.
5.0 ()
Affected products
Fixed
189 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.
5.0 ()
Affected products
Fixed
189 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML."
4.3 ()
Affected products
Fixed
189 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
1.5 ()
Affected products
Fixed
189 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
34 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2009:1164 | self |
| https://access.redhat.com/security/updates/classi… | external |
| http://tomcat.apache.org/security-5.html | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=427766 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=489028 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=493381 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=503978 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=504153 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=504753 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2007-5333 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=427766 | external |
| https://www.cve.org/CVERecord?id=CVE-2007-5333 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2007-5333 | external |
| https://access.redhat.com/security/cve/CVE-2008-5515 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=504753 | external |
| https://www.cve.org/CVERecord?id=CVE-2008-5515 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2008-5515 | external |
| https://access.redhat.com/security/cve/CVE-2009-0033 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=493381 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0033 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0033 | external |
| https://access.redhat.com/security/cve/CVE-2009-0580 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=503978 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0580 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0580 | external |
| https://access.redhat.com/security/cve/CVE-2009-0781 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=489028 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0781 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0781 | external |
| https://access.redhat.com/security/cve/CVE-2009-0783 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=504153 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0783 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0783 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated tomcat packages that fix several security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not\naddress all possible flaws in the way Tomcat handles certain characters and\ncharacter sequences in cookie values. A remote attacker could use this flaw\nto obtain sensitive information, such as session IDs, and then use this\ninformation for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: with this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the \"/etc/tomcat5/catalina.properties\" file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nA cross-site scripting (XSS) flaw was found in the examples calendar\napplication. With some web browsers, remote attackers could use this flaw\nto inject arbitrary web script or HTML via the \"time\" parameter.\n(CVE-2009-0781)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1164",
"url": "https://access.redhat.com/errata/RHSA-2009:1164"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-5.html",
"url": "http://tomcat.apache.org/security-5.html"
},
{
"category": "external",
"summary": "427766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=427766"
},
{
"category": "external",
"summary": "489028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=489028"
},
{
"category": "external",
"summary": "493381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=493381"
},
{
"category": "external",
"summary": "503978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=503978"
},
{
"category": "external",
"summary": "504153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504153"
},
{
"category": "external",
"summary": "504753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504753"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1164.json"
}
],
"title": "Red Hat Security Advisory: tomcat security update",
"tracking": {
"current_release_date": "2025-11-21T17:34:54+00:00",
"generator": {
"date": "2025-11-21T17:34:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2009:1164",
"initial_release_date": "2009-07-21T20:50:00+00:00",
"revision_history": [
{
"date": "2009-07-21T20:50:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-07-21T16:56:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:34:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_id": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-webapps@5.5.23-0jpp.7.el5_3.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_id": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp.7.el5_3.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_id": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp.7.el5_3.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_id": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-debuginfo@5.5.23-0jpp.7.el5_3.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_id": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.23-0jpp.7.el5_3.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_id": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.23-0jpp.7.el5_3.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_id": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.7.el5_3.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_id": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.23-0jpp.7.el5_3.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_id": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.23-0jpp.7.el5_3.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_id": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp.7.el5_3.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_id": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp.7.el5_3.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_id": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp.7.el5_3.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"product": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_id": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-webapps@5.5.23-0jpp.7.el5_3.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"product": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_id": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp.7.el5_3.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"product": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_id": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp.7.el5_3.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"product": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_id": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-debuginfo@5.5.23-0jpp.7.el5_3.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"product": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_id": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.23-0jpp.7.el5_3.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"product": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_id": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.23-0jpp.7.el5_3.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"product": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_id": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.7.el5_3.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"product": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_id": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.23-0jpp.7.el5_3.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"product": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_id": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.23-0jpp.7.el5_3.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"product": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_id": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp.7.el5_3.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"product": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_id": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp.7.el5_3.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"product": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_id": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp.7.el5_3.2?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"product": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"product_id": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.7.el5_3.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_id": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-webapps@5.5.23-0jpp.7.el5_3.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_id": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp.7.el5_3.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_id": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp.7.el5_3.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_id": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp.7.el5_3.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_id": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp.7.el5_3.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_id": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-debuginfo@5.5.23-0jpp.7.el5_3.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_id": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.23-0jpp.7.el5_3.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_id": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.23-0jpp.7.el5_3.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_id": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.7.el5_3.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_id": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.23-0jpp.7.el5_3.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_id": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.23-0jpp.7.el5_3.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_id": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp.7.el5_3.2?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_id": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-webapps@5.5.23-0jpp.7.el5_3.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_id": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp.7.el5_3.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_id": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp.7.el5_3.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_id": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp.7.el5_3.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_id": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp.7.el5_3.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_id": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-debuginfo@5.5.23-0jpp.7.el5_3.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_id": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.23-0jpp.7.el5_3.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_id": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.23-0jpp.7.el5_3.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_id": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.7.el5_3.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_id": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.23-0jpp.7.el5_3.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_id": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.23-0jpp.7.el5_3.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_id": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp.7.el5_3.2?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"product": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"product_id": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-debuginfo@5.5.23-0jpp.7.el5_3.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"product": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"product_id": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.7.el5_3.2?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_id": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-webapps@5.5.23-0jpp.7.el5_3.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_id": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp.7.el5_3.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_id": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp.7.el5_3.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_id": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp.7.el5_3.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_id": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp.7.el5_3.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_id": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-debuginfo@5.5.23-0jpp.7.el5_3.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_id": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.23-0jpp.7.el5_3.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_id": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.23-0jpp.7.el5_3.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_id": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.7.el5_3.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_id": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.23-0jpp.7.el5_3.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_id": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.23-0jpp.7.el5_3.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_id": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp.7.el5_3.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2007-5333",
"discovery_date": "2008-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "427766"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (\") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Improve cookie parsing for tomcat5",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-5333\n\nThe Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-5333"
},
{
"category": "external",
"summary": "RHBZ#427766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=427766"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-5333",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5333"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-5333",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5333"
}
],
"release_date": "2008-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-21T20:50:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1164"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Improve cookie parsing for tomcat5"
},
{
"cve": "CVE-2008-5515",
"discovery_date": "2009-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "504753"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat request dispatcher information disclosure vulnerability",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5515"
},
{
"category": "external",
"summary": "RHBZ#504753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504753"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5515",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5515"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5515",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5515"
}
],
"release_date": "2009-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-21T20:50:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1164"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat request dispatcher information disclosure vulnerability"
},
{
"cve": "CVE-2009-0033",
"discovery_date": "2009-01-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "493381"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat6 Denial-Of-Service with AJP connection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0033"
},
{
"category": "external",
"summary": "RHBZ#493381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=493381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0033",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0033"
}
],
"release_date": "2009-06-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-21T20:50:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1164"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat6 Denial-Of-Service with AJP connection"
},
{
"cve": "CVE-2009-0580",
"discovery_date": "2009-06-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "503978"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat6 Information disclosure in authentication classes",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0580"
},
{
"category": "external",
"summary": "RHBZ#503978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=503978"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0580",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0580"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0580",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0580"
}
],
"release_date": "2009-06-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-21T20:50:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1164"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat6 Information disclosure in authentication classes"
},
{
"cve": "CVE-2009-0781",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2009-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "489028"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to \"invalid HTML.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: XSS in Apache Tomcat calendar application",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2009-0781\n\nThe Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: https://access.redhat.com/security/updates/classification/",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0781"
},
{
"category": "external",
"summary": "RHBZ#489028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=489028"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0781",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0781"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0781",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0781"
}
],
"release_date": "2009-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-21T20:50:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1164"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: XSS in Apache Tomcat calendar application"
},
{
"cve": "CVE-2009-0783",
"discovery_date": "2009-06-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "504153"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat XML parser information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0783"
},
{
"category": "external",
"summary": "RHBZ#504153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0783",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0783"
}
],
"release_date": "2009-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-07-21T20:50:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1164"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 1.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client-Workstation:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Client:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Client:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.src",
"5Server:tomcat5-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-common-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.ppc64",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-debuginfo-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-server-lib-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.7.el5_3.2.x86_64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.i386",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ia64",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.ppc",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.s390x",
"5Server:tomcat5-webapps-0:5.5.23-0jpp.7.el5_3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat XML parser information disclosure"
}
]
}
RHSA-2009:1454
Vulnerability from csaf_redhat - Published: 2009-09-21 15:51 - Updated: 2025-11-21 17:35Summary
Red Hat Security Advisory: tomcat5 security update
Severity
Important
Notes
Topic: Updated tomcat5 packages that fix several security issues are now available
for JBoss Enterprise Web Server 1.0.0 for Red Hat Enterprise Linux 4 and 5.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
[Updated 23 September 2009]
This erratum has been updated to include replacement packages for JBoss
Enterprise Web Server 1.0.0 for Red Hat Enterprise Linux 4. The original
packages did not contain a fix for the low security impact issue
CVE-2009-0783. The packages for JBoss Enterprise Web Server 1.0.0 for Red
Hat Enterprise Linux 5 are unchanged as they included the fix for
CVE-2009-0783.
Details: Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
It was discovered that Tomcat does not properly handle a certain character
and character sequence in cookie values. A remote attacker could use this
flaw to obtain sensitive information, such as session IDs, and then use
this information for session hijacking attacks. (CVE-2007-5333)
Note: The fix for the CVE-2007-5333 flaw changes the default cookie
processing behavior: With this update, version 0 cookies that contain
values that must be quoted to be valid are automatically changed to version
1 cookies. To reactivate the previous, but insecure behavior, add the
following entry to the "/etc/tomcat5/catalina.properties" file:
org.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false
It was discovered that request dispatchers did not properly normalize user
requests that have trailing query strings, allowing remote attackers to
send specially-crafted requests that would cause an information leak.
(CVE-2008-5515)
A flaw was found in the way the Tomcat AJP (Apache JServ Protocol)
connector processes AJP connections. An attacker could use this flaw to
send specially-crafted requests that would cause a temporary denial of
service. (CVE-2009-0033)
It was discovered that the error checking methods of certain authentication
classes did not have sufficient error checking, allowing remote attackers
to enumerate (via brute force methods) usernames registered with
applications running on Tomcat when FORM-based authentication was used.
(CVE-2009-0580)
It was discovered that web applications containing their own XML parsers
could replace the XML parser Tomcat uses to parse configuration files. A
malicious web application running on a Tomcat instance could read or,
potentially, modify the configuration and XML-based data of other web
applications deployed on the same Tomcat instance. (CVE-2009-0783)
Users of Tomcat should upgrade to these updated packages, which contain
backported patches to resolve these issues. Tomcat must be restarted for
this update to take effect.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.
5.0 ()
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.
5.0 ()
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
1.5 ()
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
29 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2009:1454 | self |
| https://access.redhat.com/security/updates/classi… | external |
| http://tomcat.apache.org/security-5.html | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=427766 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=493381 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=503978 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=504153 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=504753 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2007-5333 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=427766 | external |
| https://www.cve.org/CVERecord?id=CVE-2007-5333 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2007-5333 | external |
| https://access.redhat.com/security/cve/CVE-2008-5515 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=504753 | external |
| https://www.cve.org/CVERecord?id=CVE-2008-5515 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2008-5515 | external |
| https://access.redhat.com/security/cve/CVE-2009-0033 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=493381 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0033 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0033 | external |
| https://access.redhat.com/security/cve/CVE-2009-0580 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=503978 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0580 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0580 | external |
| https://access.redhat.com/security/cve/CVE-2009-0783 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=504153 | external |
| https://www.cve.org/CVERecord?id=CVE-2009-0783 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2009-0783 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated tomcat5 packages that fix several security issues are now available\nfor JBoss Enterprise Web Server 1.0.0 for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.\n\n[Updated 23 September 2009]\nThis erratum has been updated to include replacement packages for JBoss\nEnterprise Web Server 1.0.0 for Red Hat Enterprise Linux 4. The original\npackages did not contain a fix for the low security impact issue\nCVE-2009-0783. The packages for JBoss Enterprise Web Server 1.0.0 for Red\nHat Enterprise Linux 5 are unchanged as they included the fix for\nCVE-2009-0783.",
"title": "Topic"
},
{
"category": "general",
"text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was discovered that Tomcat does not properly handle a certain character\nand character sequence in cookie values. A remote attacker could use this\nflaw to obtain sensitive information, such as session IDs, and then use\nthis information for session hijacking attacks. (CVE-2007-5333)\n\nNote: The fix for the CVE-2007-5333 flaw changes the default cookie\nprocessing behavior: With this update, version 0 cookies that contain\nvalues that must be quoted to be valid are automatically changed to version\n1 cookies. To reactivate the previous, but insecure behavior, add the\nfollowing entry to the \"/etc/tomcat5/catalina.properties\" file:\n\norg.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false\n\nIt was discovered that request dispatchers did not properly normalize user\nrequests that have trailing query strings, allowing remote attackers to\nsend specially-crafted requests that would cause an information leak.\n(CVE-2008-5515)\n\nA flaw was found in the way the Tomcat AJP (Apache JServ Protocol)\nconnector processes AJP connections. An attacker could use this flaw to\nsend specially-crafted requests that would cause a temporary denial of\nservice. (CVE-2009-0033)\n\nIt was discovered that the error checking methods of certain authentication\nclasses did not have sufficient error checking, allowing remote attackers\nto enumerate (via brute force methods) usernames registered with\napplications running on Tomcat when FORM-based authentication was used.\n(CVE-2009-0580)\n\nIt was discovered that web applications containing their own XML parsers\ncould replace the XML parser Tomcat uses to parse configuration files. A\nmalicious web application running on a Tomcat instance could read or,\npotentially, modify the configuration and XML-based data of other web\napplications deployed on the same Tomcat instance. (CVE-2009-0783)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1454",
"url": "https://access.redhat.com/errata/RHSA-2009:1454"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-5.html",
"url": "http://tomcat.apache.org/security-5.html"
},
{
"category": "external",
"summary": "427766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=427766"
},
{
"category": "external",
"summary": "493381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=493381"
},
{
"category": "external",
"summary": "503978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=503978"
},
{
"category": "external",
"summary": "504153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504153"
},
{
"category": "external",
"summary": "504753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504753"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1454.json"
}
],
"title": "Red Hat Security Advisory: tomcat5 security update",
"tracking": {
"current_release_date": "2025-11-21T17:35:12+00:00",
"generator": {
"date": "2025-11-21T17:35:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2009:1454",
"initial_release_date": "2009-09-21T15:51:00+00:00",
"revision_history": [
{
"date": "2009-09-21T15:51:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-09-23T11:15:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:35:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product": {
"name": "Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product": {
"name": "Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_id": "tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-webapps@5.5.23-0jpp.9.6.ep5.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product": {
"name": "tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_id": "tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.9.6.ep5.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_id": "tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp.9.6.ep5.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_id": "tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp.9.6.ep5.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_id": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp.9.6.ep5.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_id": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.23-0jpp.9.6.ep5.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_id": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp.9.6.ep5.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_id": "tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.23-0jpp.9.6.ep5.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_id": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.23-0jpp.9.6.ep5.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_id": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.23-0jpp.9.6.ep5.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_id": "tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp.9.6.ep5.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_id": "tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.23-1.patch07.19.ep5.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_id": "tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-1.patch07.19.ep5.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product": {
"name": "tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_id": "tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-1.patch07.19.ep5.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product": {
"name": "tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_id": "tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5@5.5.23-1.patch07.19.ep5.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_id": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.23-1.patch07.19.ep5.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_id": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.23-1.patch07.19.ep5.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product": {
"name": "tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_id": "tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.23-1.patch07.19.ep5.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_id": "tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-1.patch07.19.ep5.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product": {
"name": "tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_id": "tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-1.patch07.19.ep5.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product": {
"name": "tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_id": "tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-webapps@5.5.23-1.patch07.19.ep5.el4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product": {
"name": "tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_id": "tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5-jasper@5.5.23-1.patch07.19.ep5.el4?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"product": {
"name": "tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"product_id": "tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.9.6.ep5.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"product": {
"name": "tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"product_id": "tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat5@5.5.23-1.patch07.19.ep5.el4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src"
},
"product_reference": "tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src"
},
"product_reference": "tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch"
},
"product_reference": "tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src"
},
"product_reference": "tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
},
"product_reference": "tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
},
"product_reference": "tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
},
"product_reference": "tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
},
"product_reference": "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
},
"product_reference": "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
},
"product_reference": "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
},
"product_reference": "tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
},
"product_reference": "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
},
"product_reference": "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
},
"product_reference": "tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2007-5333",
"discovery_date": "2008-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "427766"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (\") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Improve cookie parsing for tomcat5",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-5333\n\nThe Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-5333"
},
{
"category": "external",
"summary": "RHBZ#427766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=427766"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-5333",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5333"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-5333",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5333"
}
],
"release_date": "2008-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-09-21T15:51:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1454"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Improve cookie parsing for tomcat5"
},
{
"cve": "CVE-2008-5515",
"discovery_date": "2009-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "504753"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat request dispatcher information disclosure vulnerability",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5515"
},
{
"category": "external",
"summary": "RHBZ#504753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504753"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5515",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5515"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5515",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5515"
}
],
"release_date": "2009-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-09-21T15:51:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1454"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat request dispatcher information disclosure vulnerability"
},
{
"cve": "CVE-2009-0033",
"discovery_date": "2009-01-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "493381"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat6 Denial-Of-Service with AJP connection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0033"
},
{
"category": "external",
"summary": "RHBZ#493381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=493381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0033",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0033"
}
],
"release_date": "2009-06-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-09-21T15:51:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1454"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat6 Denial-Of-Service with AJP connection"
},
{
"cve": "CVE-2009-0580",
"discovery_date": "2009-06-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "503978"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat6 Information disclosure in authentication classes",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0580"
},
{
"category": "external",
"summary": "RHBZ#503978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=503978"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0580",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0580"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0580",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0580"
}
],
"release_date": "2009-06-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-09-21T15:51:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1454"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat6 Information disclosure in authentication classes"
},
{
"cve": "CVE-2009-0783",
"discovery_date": "2009-06-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "504153"
}
],
"notes": [
{
"category": "description",
"text": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat XML parser information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0783"
},
{
"category": "external",
"summary": "RHBZ#504153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0783",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0783"
}
],
"release_date": "2009-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-09-21T15:51:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1454"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 1.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-0:5.5.23-1.patch07.19.ep5.el4.src",
"4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-1.patch07.19.ep5.el4.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-0:5.5.23-0jpp.9.6.ep5.el5.src",
"5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.6.ep5.el5.noarch",
"5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.23-0jpp.9.6.ep5.el5.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat XML parser information disclosure"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…