*** This bug is a security vulnerability ***
Public security bug reported:
CVE-2008-1232
The message argument of the HttpServletResponse.sendError() call is not only
displayed on the error page, but is also used as the reason phrase of the HTTP
response. This may include characters that are illegal in HTTP headers. It is
possible for a specially crafted message to result in arbitrary content being
injected into the HTTP response. For a successful XSS attack, unfiltered user
supplied data must be included in the message argument.
Affects: 6.0.0-6.0.16, 5.5.0-5.5.26
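As an added, defensive example that is not part of this bug report or of Tomcat's own fix: a small wrapper that sanitises a user-influenced message before handing it to sendError(). The class name SafeErrorResponder and the helper names are my own, and the code assumes the Servlet API (javax.servlet) is on the classpath. Stripping CR, LF and other control characters prevents the message from terminating the status line or introducing header lines, and HTML-escaping keeps whatever remains inert when the container renders it on the error page. On the fixed Tomcat versions the container guards these paths itself; application code should still avoid passing raw user input as the message.

```java
import java.io.IOException;
import javax.servlet.http.HttpServletResponse;

/**
 * Hypothetical helper (added example, not Tomcat code): sanitise a message
 * before it reaches HttpServletResponse.sendError(), which on affected
 * versions echoed it both into the reason phrase and onto the error page.
 */
public final class SafeErrorResponder {

    private SafeErrorResponder() {}

    /**
     * Drop every control character (0x00-0x1F and 0x7F), including CR and LF,
     * so the string cannot end the status line or start a new header.
     */
    static String stripControlChars(String s) {
        if (s == null) {
            return "";
        }
        StringBuilder sb = new StringBuilder(s.length());
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            if (c >= 0x20 && c != 0x7F) {
                sb.append(c);
            }
        }
        return sb.toString();
    }

    /** Escape the characters that would let the message be parsed as HTML. */
    static String escapeHtml(String s) {
        StringBuilder sb = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  sb.append("&amp;");  break;
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    /** Full sanitisation pipeline: header-safe first, then HTML-safe. */
    static String sanitize(String userMessage) {
        return escapeHtml(stripControlChars(userMessage));
    }

    /**
     * Drop-in replacement for resp.sendError(status, message) when the
     * message is derived from request data.
     */
    public static void sendError(HttpServletResponse resp, int status, String userMessage)
            throws IOException {
        resp.sendError(status, sanitize(userMessage));
    }

    /** Stand-alone demonstration on a constructed input (no container needed). */
    public static void main(String[] args) {
        // Constructed sample: contains CR/LF and HTML markup, the two things
        // the sanitiser must neutralise before the message is echoed.
        String constructed = "Not found: item\r\nX-Injected: 1 <b>bold</b>";
        System.out.println("raw      : " + constructed.replace("\r", "\\r").replace("\n", "\\n"));
        System.out.println("sanitised: " + sanitize(constructed));
        // Expected: "Not found: itemX-Injected: 1 &lt;b&gt;bold&lt;/b&gt;"
    }
}
```

Order matters: control characters are removed before HTML-escaping so that an escaped entity can never reintroduce a line break, and the result is safe for both destinations the advisory names (header and page body).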
** Affects: tomcat5.5 (Ubuntu)
Importance: Undecided
Status: New
** Affects: tomcat6 (Ubuntu)
Importance: Undecided
Status: New
** Affects: tomcat5.5 (Debian)
Importance: Unknown
Status: Unknown
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1232
** Also affects: tomcat5.5 (Ubuntu)
Importance: Undecided
Status: New
** Bug watch added: Debian Bug tracker #494504
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494504
** Also affects: tomcat5.5 (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494504
Importance: Unknown
Status: Unknown
--
Cross-site scripting through sendError (CVE-2008-1232)
https://bugs.launchpad.net/bugs/256926
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs