CVE-2006-7195

Impact:
Moderate
Public Date:
2007-04-19
CWE:
CWE-79
Bugzilla:
237081: CVE-2006-7195 tomcat XSS in example webapps

The MITRE CVE dictionary describes this issue as:

Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values.

Find out more about CVE-2006-7195 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Developer Suite v.3 (AS v.4) (jakarta-commons-modeler) RHSA-2007:0328 2007-05-24
Red Hat Satellite 5.0 (RHEL v.4 AS) RHSA-2008:0261 2008-05-20
Red Hat Satellite v 4.2 (RHEL v.4 AS) RHSA-2008:0524 2008-06-30
Red Hat Satellite v 4.2 (RHEL v.3 AS) RHSA-2008:0524 2008-06-30
Red Hat Enterprise Linux 5 RHSA-2007:0327 2007-05-14
Red Hat Application Server v2 4AS (jakarta-commons-modeler) RHSA-2007:0326 2007-05-21
Red Hat Application Server 3AS (tomcat5) RHSA-2007:0340 2007-05-08

Affected Packages State

Platform Package State
Red Hat Enterprise Linux version 5 tomcat5 5.5.23-0jpp.1.0.3.el5 Fixed
Red Hat Enterprise Linux version 5 jakarta-commons-modeler 1.1-8jpp.1.0.2.el5 Fixed

Mitigation

Last Modified

CVE description copyright © 2017, The MITRE Corporation