oval:org.mitre.oval:def:22687

Definition Id: oval:org.mitre.oval:def:22687

Oval ID:	oval:org.mitre.oval:def:22687
Title:	ELSA-2007:0569: tomcat security update (Moderate)
Description:	Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote authenticated users to inject arbitrary web script or HTML via a parameter name to manager/html/upload, and other unspecified vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2007:0569-01 CVE-2007-2449 CVE-2007-2450	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	tomcat5
Definition Synopsis:
Oracle Linux 5.x rpm test tomcat5-servlet-2.4-api is earlier than 0:5.5.23-0jpp.1.0.4.el5 AND tomcat5-admin-webapps is earlier than 0:5.5.23-0jpp.1.0.4.el5 AND tomcat5-jsp-2.0-api is earlier than 0:5.5.23-0jpp.1.0.4.el5 AND tomcat5-servlet-2.4-api-javadoc is earlier than 0:5.5.23-0jpp.1.0.4.el5 AND tomcat5-server-lib is earlier than 0:5.5.23-0jpp.1.0.4.el5 AND tomcat5-jasper is earlier than 0:5.5.23-0jpp.1.0.4.el5 AND tomcat5-jsp-2.0-api-javadoc is earlier than 0:5.5.23-0jpp.1.0.4.el5 AND tomcat5-common-lib is earlier than 0:5.5.23-0jpp.1.0.4.el5 AND tomcat5-jasper-javadoc is earlier than 0:5.5.23-0jpp.1.0.4.el5 AND tomcat5-webapps is earlier than 0:5.5.23-0jpp.1.0.4.el5 AND tomcat5 is earlier than 0:5.5.23-0jpp.1.0.4.el5

Definition Id: oval:org.mitre.oval:def:15459

Oval ID:	oval:org.mitre.oval:def:15459
Title:	Oracle Linux 5.x
Description:	The operating system installed on the system is Oracle Linux 5.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:5	Version:	7
Platform(s):	Oracle Linux 5	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 5.x is installed
Referenced By:
oval:org.mitre.oval:def:22687