Table of Contents

Public Date:
244803: CVE-2007-1358 tomcat accept-language xss flaw

The MITRE CVE dictionary describes this issue as:

Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".

Find out more about CVE-2007-1358 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Certificate System 7.3 for 4AS RHSA-2010:0602 2010-08-04
Red Hat Developer Suite v.3 (AS v.4) (jakarta-commons-modeler) RHSA-2007:0328 2007-05-24
Red Hat Satellite 5.0 (RHEL v.4 AS) RHSA-2008:0261 2008-05-20
Red Hat Satellite 5.1 (RHEL v.4 AS) RHSA-2008:0630 2008-08-13
Red Hat Application Stack v1 for Enterprise Linux AS (v.4) (jbossas) RHSA-2007:0360 2007-05-24
Red Hat Application Server v2 4AS (tomcat5) RHSA-2007:0876 2007-10-11
Red Hat Satellite v 4.2 (RHEL v.4 AS) RHSA-2008:0524 2008-06-30
Red Hat Satellite v 4.2 (RHEL v.3 AS) RHSA-2008:0524 2008-06-30
Red Hat Enterprise Linux 5 RHSA-2007:0327 2007-05-14
Red Hat Application Server v2 4AS (jakarta-commons-modeler) RHSA-2007:0326 2007-05-21
Last Modified

CVE description copyright © 2017, The MITRE Corporation