2.6 - CVE-2007-1358

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	CVE-2007-1358	First vendor Publication	2007-05-09
Vendor	Cve	Last vendor Modification	2023-11-07

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:N/I:P/A:N)
Cvss Base Score	2.6	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	High
Cvss Expoit Score	4.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10679

Oval ID:	oval:org.mitre.oval:def:10679
Title:	Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
Description:	Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-1358	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section tomcat5-servlet-2.4-api-javadoc is earlier than 0:5.5.23-0jpp.1.0.3.el5 AND tomcat5-jsp-2.0-api-javadoc is earlier than 0:5.5.23-0jpp.1.0.3.el5 AND tomcat5-jasper-javadoc is earlier than 0:5.5.23-0jpp.1.0.3.el5 AND jakarta-commons-modeler is earlier than 0:1.1-8jpp.1.0.2.el5 AND tomcat5-servlet-2.4-api is earlier than 0:5.5.23-0jpp.1.0.3.el5 AND jakarta-commons-modeler-javadoc is earlier than 0:1.1-8jpp.1.0.2.el5 AND tomcat5-webapps is earlier than 0:5.5.23-0jpp.1.0.3.el5 AND tomcat5 is earlier than 0:5.5.23-0jpp.1.0.3.el5 AND tomcat5-jasper is earlier than 0:5.5.23-0jpp.1.0.3.el5 AND tomcat5-jsp-2.0-api is earlier than 0:5.5.23-0jpp.1.0.3.el5 AND tomcat5-server-lib is earlier than 0:5.5.23-0jpp.1.0.3.el5 AND tomcat5-common-lib is earlier than 0:5.5.23-0jpp.1.0.3.el5 AND tomcat5-admin-webapps is earlier than 0:5.5.23-0jpp.1.0.3.el5

CPE : Common Platform Enumeration

Type	Description	Count
Application	Apache Tomcat cpe:2.3:a:apache:tomcat:4.1.9:beta:::::: cpe:2.3:a:apache:tomcat:4.1.9:::::::* cpe:2.3:a:apache:tomcat:4.1.8:::::::* cpe:2.3:a:apache:tomcat:4.1.7:::::::* cpe:2.3:a:apache:tomcat:4.1.6:::::::* cpe:2.3:a:apache:tomcat:4.1.5:::::::* cpe:2.3:a:apache:tomcat:4.1.4:::::::* cpe:2.3:a:apache:tomcat:4.1.31:::::::* cpe:2.3:a:apache:tomcat:4.1.30:::::::* cpe:2.3:a:apache:tomcat:4.1.3:beta:::::: cpe:2.3:a:apache:tomcat:4.1.3:::::::* cpe:2.3:a:apache:tomcat:4.1.29:alpha:::::: cpe:2.3:a:apache:tomcat:4.1.29:::::::* cpe:2.3:a:apache:tomcat:4.1.28:::::::* cpe:2.3:a:apache:tomcat:4.1.28:alpha:::::: cpe:2.3:a:apache:tomcat:4.1.27:::::::* cpe:2.3:a:apache:tomcat:4.1.26:::::::* cpe:2.3:a:apache:tomcat:4.1.25:::::::* cpe:2.3:a:apache:tomcat:4.1.24:::::::* cpe:2.3:a:apache:tomcat:4.1.23:::::::* cpe:2.3:a:apache:tomcat:4.1.22:::::::* cpe:2.3:a:apache:tomcat:4.1.21:::::::* cpe:2.3:a:apache:tomcat:4.1.20:::::::* cpe:2.3:a:apache:tomcat:4.1.2:::::::* cpe:2.3:a:apache:tomcat:4.1.19:::::::* cpe:2.3:a:apache:tomcat:4.1.18:::::::* cpe:2.3:a:apache:tomcat:4.1.17:::::::* cpe:2.3:a:apache:tomcat:4.1.16:::::::* cpe:2.3:a:apache:tomcat:4.1.15:::::::* cpe:2.3:a:apache:tomcat:4.1.14:::::::* cpe:2.3:a:apache:tomcat:4.1.13:::::::* cpe:2.3:a:apache:tomcat:4.1.12:::::::* cpe:2.3:a:apache:tomcat:4.1.11:::::::* cpe:2.3:a:apache:tomcat:4.1.10:::::::* cpe:2.3:a:apache:tomcat:4.1.1:::::::* cpe:2.3:a:apache:tomcat:4.1.0:::::::* cpe:2.3:a:apache:tomcat:4.0.6:::::::* cpe:2.3:a:apache:tomcat:4.0.5:::::::* cpe:2.3:a:apache:tomcat:4.0.4:::::::* cpe:2.3:a:apache:tomcat:4.0.3:::::::* cpe:2.3:a:apache:tomcat:4.0.2:::::::* cpe:2.3:a:apache:tomcat:4.0.1:::::::* cpe:2.3:a:apache:tomcat:4.0.0:::::::* cpe:2.3:a:apache:tomcat:4:::::::* cpe:2.3:a:apache:tomcat:3.3.2:::::::* cpe:2.3:a:apache:tomcat:3.3.1a:::::::* cpe:2.3:a:apache:tomcat:3.3.1:::::::* cpe:2.3:a:apache:tomcat:3.3:::::::* cpe:2.3:a:apache:tomcat:3.2.4:::::::* cpe:2.3:a:apache:tomcat:3.2.3:::::::* cpe:2.3:a:apache:tomcat:3.2.2:::::::* cpe:2.3:a:apache:tomcat:3.2.2:beta2:::::: cpe:2.3:a:apache:tomcat:3.2.1:::::::* cpe:2.3:a:apache:tomcat:3.2:::::::* cpe:2.3:a:apache:tomcat:3.1.1:::::::* cpe:2.3:a:apache:tomcat:3.1:::::::* cpe:2.3:a:apache:tomcat:3.0:::::::* cpe:2.3:a:apache:tomcat:1.1.3:::::::* cpe:2.3:a:apache:tomcat:::::::: cpe:2.3:a:apache:tomcat:-:::::::*	60

OpenVAS Exploits

Date	Description
2009-05-05	Name : HP-UX Update for Apache HPSBUX02262 File : nvt/gb_hp_ux_HPSBUX02262.nasl
2009-02-27	Name : Fedora Update for tomcat5 FEDORA-2007-3456 File : nvt/gb_fedora_2007_3456_tomcat5_fc7.nasl
2009-02-27	Name : Fedora Update for tomcat5 FEDORA-2007-3474 File : nvt/gb_fedora_2007_3474_tomcat5_fc8.nasl
2009-02-17	Name : Fedora Update for tomcat5 FEDORA-2008-8130 File : nvt/gb_fedora_2008_8130_tomcat5_fc8.nasl
2009-02-16	Name : Fedora Update for tomcat5 FEDORA-2008-1467 File : nvt/gb_fedora_2008_1467_tomcat5_fc7.nasl
2009-02-16	Name : Fedora Update for tomcat5 FEDORA-2008-1603 File : nvt/gb_fedora_2008_1603_tomcat5_fc8.nasl
2009-02-02	Name : Ubuntu USN-710-1 (xine-lib) File : nvt/ubuntu_710_1.nasl
2009-02-02	Name : Ubuntu USN-711-1 (ktorrent) File : nvt/ubuntu_711_1.nasl
2009-02-02	Name : Ubuntu USN-712-1 (vim) File : nvt/ubuntu_712_1.nasl
2008-09-04	Name : FreeBSD Ports: apache-tomcat File : nvt/freebsd_apache-tomcat0.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
34881	Apache Tomcat Malformed Accept-Language Header XSS Apache Tomcat contains a flaw that allows a remote cross site scripting attack. This flaw exists because the server does not validate user-supplied Accept-Language headers. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Description

34881

Apache Tomcat Malformed Accept-Language Header XSS

Apache Tomcat contains a flaw that allows a remote cross site scripting attack. This flaw exists because the server does not validate user-supplied Accept-Language headers. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Nessus® Vulnerability Scanner

Date	Description
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0327.nasl - Type : ACT_GATHER_INFO
2011-11-18	Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_4_1_36.nasl - Type : ACT_GATHER_INFO
2010-06-11	Name : The remote web server is affected by multiple vulnerabilities. File : tomcat_5_5_21.nasl - Type : ACT_GATHER_INFO
2010-01-10	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0261.nasl - Type : ACT_GATHER_INFO
2010-01-10	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0524.nasl - Type : ACT_GATHER_INFO
2010-01-10	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0630.nasl - Type : ACT_GATHER_INFO
2008-09-17	Name : The remote Fedora host is missing a security update. File : fedora_2008-8130.nasl - Type : ACT_GATHER_INFO
2008-02-14	Name : The remote Fedora host is missing a security update. File : fedora_2008-1467.nasl - Type : ACT_GATHER_INFO
2008-02-14	Name : The remote Fedora host is missing a security update. File : fedora_2008-1603.nasl - Type : ACT_GATHER_INFO
2007-11-20	Name : The remote Fedora host is missing a security update. File : fedora_2007-3456.nasl - Type : ACT_GATHER_INFO
2007-11-20	Name : The remote Fedora host is missing a security update. File : fedora_2007-3474.nasl - Type : ACT_GATHER_INFO
2007-08-02	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2007-007.nasl - Type : ACT_GATHER_INFO
2007-07-27	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_872623af39ec11dcb8cc000fea449b8a.nasl - Type : ACT_GATHER_INFO
2007-05-25	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0327.nasl - Type : ACT_GATHER_INFO
2007-05-16	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0327.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff...
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957...
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098...

Source	Url
APPLE	http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
BID	http://www.securityfocus.com/bid/24524 http://www.securityfocus.com/bid/25159
BUGTRAQ	http://www.securityfocus.com/archive/1/471719/100/0/threaded http://www.securityfocus.com/archive/1/500396/100/0/threaded http://www.securityfocus.com/archive/1/500412/100/0/threaded
CONFIRM	http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx http://docs.info.apple.com/article.html?artnum=306172 http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540 http://tomcat.apache.org/security-4.html http://www.fujitsu.com/global/support/software/security/products-f/interstage...
FEDORA	https://www.redhat.com/archives/fedora-package-announce/2007-November/msg0052...
HP	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
JVN	http://jvn.jp/jp/JVN%2316535199/index.html
OSVDB	http://osvdb.org/34881
OVAL	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT	http://rhn.redhat.com/errata/RHSA-2008-0630.html http://www.redhat.com/support/errata/RHSA-2008-0261.html
SECTRACK	http://www.securitytracker.com/id?1018269
SECUNIA	http://secunia.com/advisories/25721 http://secunia.com/advisories/26235 http://secunia.com/advisories/26660 http://secunia.com/advisories/27037 http://secunia.com/advisories/27727 http://secunia.com/advisories/30899 http://secunia.com/advisories/30908 http://secunia.com/advisories/31493 http://secunia.com/advisories/33668
SUNALERT	http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
VUPEN	http://www.vupen.com/english/advisories/2007/1729 http://www.vupen.com/english/advisories/2007/2732 http://www.vupen.com/english/advisories/2007/3087 http://www.vupen.com/english/advisories/2007/3386 http://www.vupen.com/english/advisories/2008/1979/references http://www.vupen.com/english/advisories/2009/0233

Alert History

If you want to see full details history, please login or register.

Date	Informations
2023-11-07 21:47:57	Multiple Updates
2021-05-04 12:05:29	Multiple Updates
2021-04-22 01:06:02	Multiple Updates
2020-05-23 01:37:56	Multiple Updates
2020-05-23 00:19:24	Multiple Updates
2019-03-25 17:18:56	Multiple Updates
2019-03-21 21:19:08	Multiple Updates
2019-03-19 12:02:23	Multiple Updates
2018-10-16 21:19:51	Multiple Updates
2017-10-11 09:23:52	Multiple Updates
2016-10-18 12:02:16	Multiple Updates
2016-06-28 16:16:30	Multiple Updates
2016-04-26 15:51:09	Multiple Updates
2014-02-17 10:39:23	Multiple Updates
2013-07-22 17:19:31	Multiple Updates
2013-05-11 10:20:23	Multiple Updates
2012-11-07 00:14:30	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	1
CPE ID(s)	60
Sources(s)	38
osvdb(s)	1
Openvas Exploit(s)	10
Nessus® Exploit(s)	15

	Related
7.5	SUN-239312
7.5	HPSBUX02262 SSR...
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 2 more Alert(s)