VulnerableCode Vulnerability Details

System	Score	Found at
generic_textual	LOW	http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
generic_textual	MODERATE	http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
generic_textual	LOW	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
generic_textual	MODERATE	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
generic_textual	MODERATE	http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2008-0630.html
rhas	Moderate	https://access.redhat.com/errata/RHSA-2008:0261
rhas	Low	https://access.redhat.com/errata/RHSA-2008:0524
rhas	Low	https://access.redhat.com/errata/RHSA-2008:0630
epss	0.10261	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.10261	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.10261	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.10261	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.10261	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.10261	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.10261	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.10261	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.10261	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.10261	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.10261	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.11009	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.11009	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.11009	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
epss	0.78989	https://api.first.org/data/v1/epss?cve=CVE-2007-1355
rhbs	low	https://bugzilla.redhat.com/show_bug.cgi?id=253166
apache_tomcat	Moderate	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355
generic_textual	MODERATE	http://secunia.com/advisories/30802
generic_textual	MODERATE	http://secunia.com/advisories/30899
generic_textual	MODERATE	http://secunia.com/advisories/30908
generic_textual	MODERATE	http://secunia.com/advisories/31493
generic_textual	MODERATE	http://secunia.com/advisories/33668
generic_textual	MODERATE	https://exchange.xforce.ibmcloud.com/vulnerabilities/34377
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-4c6x-gfc8-c26r
generic_textual	MODERATE	https://github.com/apache/tomcat
cvssv3.1	4.2	https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
cvssv2	4.3	https://nvd.nist.gov/vuln/detail/CVE-2007-1355
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2007-1355
generic_textual	MODERATE	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6111
generic_textual	LOW	http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
generic_textual	MODERATE	http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
generic_textual	MODERATE	http://support.apple.com/kb/HT2163
generic_textual	LOW	http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
generic_textual	MODERATE	http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
generic_textual	LOW	https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
generic_textual	MODERATE	https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
cvssv3.1	4.2	http://tomcat.apache.org/security-4.html
generic_textual	MODERATE	http://tomcat.apache.org/security-4.html
cvssv3.1	4.2	http://tomcat.apache.org/security-5.html
generic_textual	MODERATE	http://tomcat.apache.org/security-5.html
cvssv3.1	9.8	http://tomcat.apache.org/security-6.html
generic_textual	CRITICAL	http://tomcat.apache.org/security-6.html
generic_textual	MODERATE	http://tomcat.apache.org/security-6.html
generic_textual	LOW	http://www.redhat.com/support/errata/RHSA-2008-0261.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2008-0261.html
generic_textual	MODERATE	http://www.securityfocus.com/archive/1/500396/100/0/threaded
generic_textual	MODERATE	http://www.securityfocus.com/archive/1/500412/100/0/threaded
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2008/1979/references
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2008/1981/references
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2009/0233

System

Score

Found at

generic_textual

LOW

http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

generic_textual

MODERATE

http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

generic_textual

LOW

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

generic_textual

MODERATE

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

generic_textual

MODERATE

http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

generic_textual

MODERATE

http://rhn.redhat.com/errata/RHSA-2008-0630.html

rhas

Moderate

https://access.redhat.com/errata/RHSA-2008:0261

rhas

Low

https://access.redhat.com/errata/RHSA-2008:0524

rhas

Low

https://access.redhat.com/errata/RHSA-2008:0630

epss

0.10261

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.10261

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.10261

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.10261

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.10261

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.10261

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.10261

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.10261

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.10261

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.10261

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.10261

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.11009

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.11009

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.11009

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

epss

0.78989

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

rhbs

low

https://bugzilla.redhat.com/show_bug.cgi?id=253166

apache_tomcat

Moderate

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355

generic_textual

MODERATE

http://secunia.com/advisories/30802

generic_textual

MODERATE

http://secunia.com/advisories/30899

generic_textual

MODERATE

http://secunia.com/advisories/30908

generic_textual

MODERATE

http://secunia.com/advisories/31493

generic_textual

MODERATE

http://secunia.com/advisories/33668

generic_textual

MODERATE

https://exchange.xforce.ibmcloud.com/vulnerabilities/34377

cvssv3.1_qr

MODERATE

https://github.com/advisories/GHSA-4c6x-gfc8-c26r

generic_textual

MODERATE

https://github.com/apache/tomcat

cvssv3.1

4.2

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E

cvssv3.1

4.2

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

cvssv3.1

4.2

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E

cvssv3.1

4.2

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

cvssv3.1

4.2

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E

cvssv3.1

4.2

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

cvssv2

4.3

https://nvd.nist.gov/vuln/detail/CVE-2007-1355

generic_textual

MODERATE

https://nvd.nist.gov/vuln/detail/CVE-2007-1355

generic_textual

MODERATE

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6111

generic_textual

LOW

http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1

generic_textual

MODERATE

http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1

generic_textual

MODERATE

http://support.apple.com/kb/HT2163

generic_textual

LOW

http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

generic_textual

MODERATE

http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

generic_textual

LOW

https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html

generic_textual

MODERATE

https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html

cvssv3.1

4.2

http://tomcat.apache.org/security-4.html

generic_textual

MODERATE

http://tomcat.apache.org/security-4.html

cvssv3.1

4.2

http://tomcat.apache.org/security-5.html

generic_textual

MODERATE

http://tomcat.apache.org/security-5.html

cvssv3.1

9.8

http://tomcat.apache.org/security-6.html

generic_textual

CRITICAL

http://tomcat.apache.org/security-6.html

generic_textual

MODERATE

http://tomcat.apache.org/security-6.html

generic_textual

LOW

http://www.redhat.com/support/errata/RHSA-2008-0261.html

generic_textual

MODERATE

http://www.redhat.com/support/errata/RHSA-2008-0261.html

generic_textual

MODERATE

http://www.securityfocus.com/archive/1/500396/100/0/threaded

generic_textual

MODERATE

http://www.securityfocus.com/archive/1/500412/100/0/threaded

generic_textual

MODERATE

http://www.vupen.com/english/advisories/2008/1979/references

generic_textual

MODERATE

http://www.vupen.com/english/advisories/2008/1981/references

generic_textual

MODERATE

http://www.vupen.com/english/advisories/2009/0233

Reference id	Reference type	URL
		http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
		http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
		http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
		http://osvdb.org/34875
		http://rhn.redhat.com/errata/RHSA-2008-0630.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1355.json
		https://api.first.org/data/v1/epss?cve=CVE-2007-1355
		http://secunia.com/advisories/27037
		http://secunia.com/advisories/27727
		http://secunia.com/advisories/30802
		http://secunia.com/advisories/30899
		http://secunia.com/advisories/30908
		http://secunia.com/advisories/31493
		http://secunia.com/advisories/33668
		http://securityreason.com/securityalert/2722
		https://exchange.xforce.ibmcloud.com/vulnerabilities/34377
		https://github.com/apache/tomcat
		https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
		https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6111
		http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
		http://support.apple.com/kb/HT2163
		http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
		https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
		http://tomcat.apache.org/security-4.html
		http://tomcat.apache.org/security-5.html
		http://tomcat.apache.org/security-6.html
		http://www.redhat.com/support/errata/RHSA-2008-0261.html
		http://www.securityfocus.com/archive/1/469067/100/0/threaded
		http://www.securityfocus.com/archive/1/500396/100/0/threaded
		http://www.securityfocus.com/archive/1/500412/100/0/threaded
		http://www.securityfocus.com/bid/24058
		http://www.vupen.com/english/advisories/2007/3386
		http://www.vupen.com/english/advisories/2008/1979/references
		http://www.vupen.com/english/advisories/2008/1981/references
		http://www.vupen.com/english/advisories/2009/0233
253166		https://bugzilla.redhat.com/show_bug.cgi?id=253166
cpe:2.3:a:apache:tomcat:4.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.0:::::::*
cpe:2.3:a:apache:tomcat:4.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.1:::::::*
cpe:2.3:a:apache:tomcat:4.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.2:::::::*
cpe:2.3:a:apache:tomcat:4.0.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.3:::::::*
cpe:2.3:a:apache:tomcat:4.0.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.4:::::::*
cpe:2.3:a:apache:tomcat:4.0.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.5:::::::*
cpe:2.3:a:apache:tomcat:4.0.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.6:::::::*
cpe:2.3:a:apache:tomcat:4.1.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.10:::::::*
cpe:2.3:a:apache:tomcat:4.1.15:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.15:::::::*
cpe:2.3:a:apache:tomcat:4.1.24:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.24:::::::*
cpe:2.3:a:apache:tomcat:4.1.28:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.28:::::::*
cpe:2.3:a:apache:tomcat:4.1.31:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.31:::::::*
cpe:2.3:a:apache:tomcat:5.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.1:::::::*
cpe:2.3:a:apache:tomcat:5.0.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.10:::::::*
cpe:2.3:a:apache:tomcat:5.0.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.11:::::::*
cpe:2.3:a:apache:tomcat:5.0.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.12:::::::*
cpe:2.3:a:apache:tomcat:5.0.13:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.13:::::::*
cpe:2.3:a:apache:tomcat:5.0.14:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.14:::::::*
cpe:2.3:a:apache:tomcat:5.0.15:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.15:::::::*
cpe:2.3:a:apache:tomcat:5.0.16:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.16:::::::*
cpe:2.3:a:apache:tomcat:5.0.17:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.17:::::::*
cpe:2.3:a:apache:tomcat:5.0.18:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.18:::::::*
cpe:2.3:a:apache:tomcat:5.0.19:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.19:::::::*
cpe:2.3:a:apache:tomcat:5.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.2:::::::*
cpe:2.3:a:apache:tomcat:5.0.21:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.21:::::::*
cpe:2.3:a:apache:tomcat:5.0.22:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.22:::::::*
cpe:2.3:a:apache:tomcat:5.0.23:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.23:::::::*
cpe:2.3:a:apache:tomcat:5.0.24:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.24:::::::*
cpe:2.3:a:apache:tomcat:5.0.25:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.25:::::::*
cpe:2.3:a:apache:tomcat:5.0.26:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.26:::::::*
cpe:2.3:a:apache:tomcat:5.0.27:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.27:::::::*
cpe:2.3:a:apache:tomcat:5.0.28:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.28:::::::*
cpe:2.3:a:apache:tomcat:5.0.29:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.29:::::::*
cpe:2.3:a:apache:tomcat:5.0.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.3:::::::*
cpe:2.3:a:apache:tomcat:5.0.30:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.30:::::::*
cpe:2.3:a:apache:tomcat:5.0.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.4:::::::*
cpe:2.3:a:apache:tomcat:5.0.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.5:::::::*
cpe:2.3:a:apache:tomcat:5.0.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.6:::::::*
cpe:2.3:a:apache:tomcat:5.0.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.7:::::::*
cpe:2.3:a:apache:tomcat:5.0.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.8:::::::*
cpe:2.3:a:apache:tomcat:5.0.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.9:::::::*
cpe:2.3:a:apache:tomcat:6.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.0:::::::*
cpe:2.3:a:apache:tomcat:6.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.1:::::::*
cpe:2.3:a:apache:tomcat:6.0.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.10:::::::*
cpe:2.3:a:apache:tomcat:6.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.2:::::::*
cpe:2.3:a:apache:tomcat:6.0.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.3:::::::*
cpe:2.3:a:apache:tomcat:6.0.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.4:::::::*
cpe:2.3:a:apache:tomcat:6.0.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.5:::::::*
cpe:2.3:a:apache:tomcat:6.0.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.6:::::::*
cpe:2.3:a:apache:tomcat:6.0.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.7:::::::*
cpe:2.3:a:apache:tomcat:6.0.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.8:::::::*
cpe:2.3:a:apache:tomcat:6.0.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.9:::::::*
CVE-2007-1355		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355
CVE-2007-1355		https://nvd.nist.gov/vuln/detail/CVE-2007-1355
CVE-2007-1355;OSVDB-34875	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/30052.txt
CVE-2007-1355;OSVDB-34875	Exploit	https://www.securityfocus.com/bid/24058/info
GHSA-4c6x-gfc8-c26r		https://github.com/advisories/GHSA-4c6x-gfc8-c26r
RHSA-2008:0261		https://access.redhat.com/errata/RHSA-2008:0261
RHSA-2008:0524		https://access.redhat.com/errata/RHSA-2008:0524
RHSA-2008:0630		https://access.redhat.com/errata/RHSA-2008:0630

Reference id

Reference type

URL

http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

http://osvdb.org/34875

http://rhn.redhat.com/errata/RHSA-2008-0630.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1355.json

https://api.first.org/data/v1/epss?cve=CVE-2007-1355

http://secunia.com/advisories/27037

http://secunia.com/advisories/27727

http://secunia.com/advisories/30802

http://secunia.com/advisories/30899

http://secunia.com/advisories/30908

http://secunia.com/advisories/31493

http://secunia.com/advisories/33668

http://securityreason.com/securityalert/2722

https://exchange.xforce.ibmcloud.com/vulnerabilities/34377

https://github.com/apache/tomcat

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6111

http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1

http://support.apple.com/kb/HT2163

http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html

http://tomcat.apache.org/security-4.html

http://tomcat.apache.org/security-5.html

http://tomcat.apache.org/security-6.html

http://www.redhat.com/support/errata/RHSA-2008-0261.html

http://www.securityfocus.com/archive/1/469067/100/0/threaded

http://www.securityfocus.com/archive/1/500396/100/0/threaded

http://www.securityfocus.com/archive/1/500412/100/0/threaded

http://www.securityfocus.com/bid/24058

http://www.vupen.com/english/advisories/2007/3386

http://www.vupen.com/english/advisories/2008/1979/references

http://www.vupen.com/english/advisories/2008/1981/references

http://www.vupen.com/english/advisories/2009/0233

253166

https://bugzilla.redhat.com/show_bug.cgi?id=253166

cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.0.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.10:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.11:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.11:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.12:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.12:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.13:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.13:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.14:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.14:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.15:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.15:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.16:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.16:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.17:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.17:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.18:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.18:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.19:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.19:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.21:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.21:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.22:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.22:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.23:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.23:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.24:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.24:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.25:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.25:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.26:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.26:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.27:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.27:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.28:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.28:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.29:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.29:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.30:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.30:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.5:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.7:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.7:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.8:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.8:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.9:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.9:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*

CVE-2007-1355

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355

CVE-2007-1355

https://nvd.nist.gov/vuln/detail/CVE-2007-1355

CVE-2007-1355;OSVDB-34875

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/30052.txt

CVE-2007-1355;OSVDB-34875

Exploit

https://www.securityfocus.com/bid/24058/info

GHSA-4c6x-gfc8-c26r

https://github.com/advisories/GHSA-4c6x-gfc8-c26r

RHSA-2008:0261

https://access.redhat.com/errata/RHSA-2008:0261

RHSA-2008:0524

https://access.redhat.com/errata/RHSA-2008:0524

RHSA-2008:0630

https://access.redhat.com/errata/RHSA-2008:0630

Data source	Exploit-DB
Date added	May 19, 2007
Description	Apache Tomcat 6.0.10 - Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities
Ransomware campaign use	Known
Source publication date	May 19, 2007
Exploit type	remote
Platform	multiple
Source update date	Dec. 5, 2013
Source URL	https://www.securityfocus.com/bid/24058/info

Exploit-DB

May 19, 2007

Apache Tomcat 6.0.10 - Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities

Known

May 19, 2007

remote

multiple

Dec. 5, 2013

https://www.securityfocus.com/bid/24058/info

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2007-1355

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://tomcat.apache.org/security-4.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://tomcat.apache.org/security-5.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://tomcat.apache.org/security-6.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-1bxb-dc7f-aaad
Aliases	CVE-2007-1355 GHSA-4c6x-gfc8-c26r
Summary	CVE-2007-1355 tomcat XSS in samples
Status	Published
Exploitability	2.0
Weighted Severity	6.2
Risk	10.0
Affected and Fixed Packages	Package Details

CWE-79	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

Percentile	0.95133
EPSS Score	0.10261
Published At	Nov. 1, 2024, midnight