VulnerableCode Vulnerability Details

System	Score	Found at
generic_textual	LOW	http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
generic_textual	LOW	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
generic_textual	MODERATE	http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html
cvssv3.1	5.3	http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2008-0630.html
rhas	Moderate	https://access.redhat.com/errata/RHSA-2007:0569
rhas	Moderate	https://access.redhat.com/errata/RHSA-2007:0876
rhas	Moderate	https://access.redhat.com/errata/RHSA-2008:0261
rhas	Low	https://access.redhat.com/errata/RHSA-2008:0524
rhas	Low	https://access.redhat.com/errata/RHSA-2008:0630
epss	0.63161	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89189	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89189	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89189	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89189	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89189	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89189	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89189	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89189	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89189	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89189	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89189	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89189	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89189	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89189	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89422	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89422	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89422	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89422	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89422	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89422	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89422	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89422	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89422	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89422	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89422	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89422	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89422	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89422	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.89422	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.91461	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.91461	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.94361	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.94361	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.94361	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.94361	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.95945	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.95945	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.95945	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.95945	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.95945	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.95945	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.95945	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.95945	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
epss	0.95945	https://api.first.org/data/v1/epss?cve=CVE-2007-2449
rhbs	low	https://bugzilla.redhat.com/show_bug.cgi?id=244804
apache_tomcat	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449
generic_textual	MODERATE	http://secunia.com/advisories/30802
generic_textual	MODERATE	http://secunia.com/advisories/31493
generic_textual	MODERATE	http://secunia.com/advisories/33668
generic_textual	MODERATE	https://exchange.xforce.ibmcloud.com/vulnerabilities/34869
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-hc39-rjwp-qffq
cvssv3.1	4.2	https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
generic_textual	LOW	https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
generic_textual	LOW	https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
cvssv2	4.3	https://nvd.nist.gov/vuln/detail/CVE-2007-2449
generic_textual	MODERATE	http://support.apple.com/kb/HT2163
generic_textual	LOW	http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
generic_textual	LOW	https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
cvssv3.1	4.2	http://tomcat.apache.org/security-4.html
generic_textual	MODERATE	http://tomcat.apache.org/security-4.html
cvssv3.1	4.2	http://tomcat.apache.org/security-5.html
generic_textual	MODERATE	http://tomcat.apache.org/security-5.html
cvssv3.1	9.8	http://tomcat.apache.org/security-6.html
generic_textual	CRITICAL	http://tomcat.apache.org/security-6.html
generic_textual	LOW	http://www.mandriva.com/security/advisories?name=MDKSA-2007:241
generic_textual	LOW	http://www.redhat.com/support/errata/RHSA-2007-0569.html
generic_textual	LOW	http://www.redhat.com/support/errata/RHSA-2008-0261.html
generic_textual	MODERATE	http://www.securityfocus.com/archive/1/500396/100/0/threaded
generic_textual	MODERATE	http://www.securityfocus.com/archive/1/500412/100/0/threaded
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2008/1981/references
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2009/0233

System

Score

Found at

generic_textual

LOW

http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

generic_textual

LOW

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

generic_textual

MODERATE

http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

generic_textual

MODERATE

http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html

cvssv3.1

5.3

http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html

generic_textual

MODERATE

http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html

generic_textual

MODERATE

http://rhn.redhat.com/errata/RHSA-2008-0630.html

rhas

Moderate

https://access.redhat.com/errata/RHSA-2007:0569

rhas

Moderate

https://access.redhat.com/errata/RHSA-2007:0876

rhas

Moderate

https://access.redhat.com/errata/RHSA-2008:0261

rhas

Low

https://access.redhat.com/errata/RHSA-2008:0524

rhas

Low

https://access.redhat.com/errata/RHSA-2008:0630

epss

0.63161

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89189

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89189

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89189

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89189

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89189

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89189

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89189

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89189

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89189

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89189

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89189

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89189

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89189

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89189

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89422

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89422

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89422

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89422

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89422

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89422

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89422

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89422

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89422

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89422

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89422

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89422

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89422

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89422

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.89422

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.91461

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.91461

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.94361

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.94361

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.94361

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.94361

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.95945

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.95945

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.95945

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.95945

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.95945

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.95945

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.95945

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.95945

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

epss

0.95945

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

rhbs

low

https://bugzilla.redhat.com/show_bug.cgi?id=244804

apache_tomcat

Low

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449

generic_textual

MODERATE

http://secunia.com/advisories/30802

generic_textual

MODERATE

http://secunia.com/advisories/31493

generic_textual

MODERATE

http://secunia.com/advisories/33668

generic_textual

MODERATE

https://exchange.xforce.ibmcloud.com/vulnerabilities/34869

cvssv3.1_qr

MODERATE

https://github.com/advisories/GHSA-hc39-rjwp-qffq

cvssv3.1

4.2

https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E

cvssv3.1

4.2

https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E

generic_textual

LOW

https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E

cvssv3.1

4.2

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E

cvssv3.1

4.2

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

cvssv3.1

4.2

https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E

cvssv3.1

4.2

https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E

generic_textual

LOW

https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E

cvssv3.1

4.2

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E

cvssv3.1

4.2

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

cvssv3.1

4.2

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E

cvssv3.1

4.2

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

cvssv2

4.3

https://nvd.nist.gov/vuln/detail/CVE-2007-2449

generic_textual

MODERATE

http://support.apple.com/kb/HT2163

generic_textual

LOW

http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

generic_textual

LOW

https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html

cvssv3.1

4.2

http://tomcat.apache.org/security-4.html

generic_textual

MODERATE

http://tomcat.apache.org/security-4.html

cvssv3.1

4.2

http://tomcat.apache.org/security-5.html

generic_textual

MODERATE

http://tomcat.apache.org/security-5.html

cvssv3.1

9.8

http://tomcat.apache.org/security-6.html

generic_textual

CRITICAL

http://tomcat.apache.org/security-6.html

generic_textual

LOW

http://www.mandriva.com/security/advisories?name=MDKSA-2007:241

generic_textual

LOW

http://www.redhat.com/support/errata/RHSA-2007-0569.html

generic_textual

LOW

http://www.redhat.com/support/errata/RHSA-2008-0261.html

generic_textual

MODERATE

http://www.securityfocus.com/archive/1/500396/100/0/threaded

generic_textual

MODERATE

http://www.securityfocus.com/archive/1/500412/100/0/threaded

generic_textual

MODERATE

http://www.vupen.com/english/advisories/2008/1981/references

generic_textual

MODERATE

http://www.vupen.com/english/advisories/2009/0233

Reference id	Reference type	URL
		http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
		http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
		http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
		http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html
		http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
		http://osvdb.org/36080
		http://rhn.redhat.com/errata/RHSA-2008-0630.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2449.json
		https://api.first.org/data/v1/epss?cve=CVE-2007-2449
		http://secunia.com/advisories/26076
		http://secunia.com/advisories/27037
		http://secunia.com/advisories/27727
		http://secunia.com/advisories/29392
		http://secunia.com/advisories/30802
		http://secunia.com/advisories/31493
		http://secunia.com/advisories/33668
		http://securityreason.com/securityalert/2804
		https://exchange.xforce.ibmcloud.com/vulnerabilities/34869
		https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
		https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10578
		http://support.apple.com/kb/HT2163
		http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
		https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
		http://tomcat.apache.org/security-4.html
		http://tomcat.apache.org/security-5.html
		http://tomcat.apache.org/security-6.html
		http://www.mandriva.com/security/advisories?name=MDKSA-2007:241
		http://www.redhat.com/support/errata/RHSA-2007-0569.html
		http://www.redhat.com/support/errata/RHSA-2008-0261.html
		http://www.securityfocus.com/archive/1/471351/100/0/threaded
		http://www.securityfocus.com/archive/1/500396/100/0/threaded
		http://www.securityfocus.com/archive/1/500412/100/0/threaded
		http://www.securityfocus.com/bid/24476
		http://www.securitytracker.com/id?1018245
		http://www.vupen.com/english/advisories/2007/2213
		http://www.vupen.com/english/advisories/2007/3386
		http://www.vupen.com/english/advisories/2008/1981/references
		http://www.vupen.com/english/advisories/2009/0233
244804		https://bugzilla.redhat.com/show_bug.cgi?id=244804
cpe:2.3:a:apache:tomcat::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat::::::::
cpe:2.3:a:apache:tomcat:4.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.0:::::::*
cpe:2.3:a:apache:tomcat:4.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.1:::::::*
cpe:2.3:a:apache:tomcat:4.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.2:::::::*
cpe:2.3:a:apache:tomcat:4.0.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.3:::::::*
cpe:2.3:a:apache:tomcat:4.0.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.4:::::::*
cpe:2.3:a:apache:tomcat:4.0.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.5:::::::*
cpe:2.3:a:apache:tomcat:5.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.0:::::::*
cpe:2.3:a:apache:tomcat:5.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.1:::::::*
cpe:2.3:a:apache:tomcat:5.0.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.10:::::::*
cpe:2.3:a:apache:tomcat:5.0.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.11:::::::*
cpe:2.3:a:apache:tomcat:5.0.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.12:::::::*
cpe:2.3:a:apache:tomcat:5.0.13:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.13:::::::*
cpe:2.3:a:apache:tomcat:5.0.14:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.14:::::::*
cpe:2.3:a:apache:tomcat:5.0.15:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.15:::::::*
cpe:2.3:a:apache:tomcat:5.0.16:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.16:::::::*
cpe:2.3:a:apache:tomcat:5.0.17:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.17:::::::*
cpe:2.3:a:apache:tomcat:5.0.18:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.18:::::::*
cpe:2.3:a:apache:tomcat:5.0.19:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.19:::::::*
cpe:2.3:a:apache:tomcat:5.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.2:::::::*
cpe:2.3:a:apache:tomcat:5.0.21:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.21:::::::*
cpe:2.3:a:apache:tomcat:5.0.22:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.22:::::::*
cpe:2.3:a:apache:tomcat:5.0.23:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.23:::::::*
cpe:2.3:a:apache:tomcat:5.0.24:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.24:::::::*
cpe:2.3:a:apache:tomcat:5.0.25:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.25:::::::*
cpe:2.3:a:apache:tomcat:5.0.26:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.26:::::::*
cpe:2.3:a:apache:tomcat:5.0.27:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.27:::::::*
cpe:2.3:a:apache:tomcat:5.0.28:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.28:::::::*
cpe:2.3:a:apache:tomcat:5.0.29:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.29:::::::*
cpe:2.3:a:apache:tomcat:5.0.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.3:::::::*
cpe:2.3:a:apache:tomcat:5.0.30:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.30:::::::*
cpe:2.3:a:apache:tomcat:5.0.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.4:::::::*
cpe:2.3:a:apache:tomcat:5.0.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.5:::::::*
cpe:2.3:a:apache:tomcat:5.0.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.6:::::::*
cpe:2.3:a:apache:tomcat:5.0.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.7:::::::*
cpe:2.3:a:apache:tomcat:5.0.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.8:::::::*
cpe:2.3:a:apache:tomcat:5.0.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.9:::::::*
cpe:2.3:a:apache:tomcat:5.5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.0:::::::*
cpe:2.3:a:apache:tomcat:5.5.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.1:::::::*
cpe:2.3:a:apache:tomcat:5.5.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.10:::::::*
cpe:2.3:a:apache:tomcat:5.5.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.11:::::::*
cpe:2.3:a:apache:tomcat:5.5.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.12:::::::*
cpe:2.3:a:apache:tomcat:5.5.13:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.13:::::::*
cpe:2.3:a:apache:tomcat:5.5.14:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.14:::::::*
cpe:2.3:a:apache:tomcat:5.5.15:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.15:::::::*
cpe:2.3:a:apache:tomcat:5.5.16:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.16:::::::*
cpe:2.3:a:apache:tomcat:5.5.17:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.17:::::::*
cpe:2.3:a:apache:tomcat:5.5.18:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.18:::::::*
cpe:2.3:a:apache:tomcat:5.5.19:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.19:::::::*
cpe:2.3:a:apache:tomcat:5.5.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.2:::::::*
cpe:2.3:a:apache:tomcat:5.5.20:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.20:::::::*
cpe:2.3:a:apache:tomcat:5.5.21:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.21:::::::*
cpe:2.3:a:apache:tomcat:5.5.22:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.22:::::::*
cpe:2.3:a:apache:tomcat:5.5.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.3:::::::*
cpe:2.3:a:apache:tomcat:5.5.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.4:::::::*
cpe:2.3:a:apache:tomcat:5.5.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.5:::::::*
cpe:2.3:a:apache:tomcat:5.5.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.6:::::::*
cpe:2.3:a:apache:tomcat:5.5.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.7:::::::*
cpe:2.3:a:apache:tomcat:5.5.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.8:::::::*
cpe:2.3:a:apache:tomcat:5.5.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.9:::::::*
cpe:2.3:a:apache:tomcat:6.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.0:::::::*
cpe:2.3:a:apache:tomcat:6.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.1:::::::*
cpe:2.3:a:apache:tomcat:6.0.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.10:::::::*
cpe:2.3:a:apache:tomcat:6.0.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.11:::::::*
cpe:2.3:a:apache:tomcat:6.0.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.12:::::::*
cpe:2.3:a:apache:tomcat:6.0.13:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.13:::::::*
cpe:2.3:a:apache:tomcat:6.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.2:::::::*
cpe:2.3:a:apache:tomcat:6.0.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.3:::::::*
cpe:2.3:a:apache:tomcat:6.0.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.4:::::::*
cpe:2.3:a:apache:tomcat:6.0.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.5:::::::*
cpe:2.3:a:apache:tomcat:6.0.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.6:::::::*
cpe:2.3:a:apache:tomcat:6.0.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.7:::::::*
cpe:2.3:a:apache:tomcat:6.0.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.8:::::::*
CVE-2007-2449		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449
CVE-2007-2449		https://nvd.nist.gov/vuln/detail/CVE-2007-2449
CVE-2007-2449;OSVDB-36080	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/jsp/webapps/30189.txt
CVE-2007-2449;OSVDB-36080	Exploit	https://www.securityfocus.com/bid/24476/info
GHSA-hc39-rjwp-qffq		https://github.com/advisories/GHSA-hc39-rjwp-qffq
RHSA-2007:0569		https://access.redhat.com/errata/RHSA-2007:0569
RHSA-2007:0876		https://access.redhat.com/errata/RHSA-2007:0876
RHSA-2008:0261		https://access.redhat.com/errata/RHSA-2008:0261
RHSA-2008:0524		https://access.redhat.com/errata/RHSA-2008:0524
RHSA-2008:0630		https://access.redhat.com/errata/RHSA-2008:0630

Reference id

Reference type

URL

http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html

http://osvdb.org/36080

http://rhn.redhat.com/errata/RHSA-2008-0630.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2449.json

https://api.first.org/data/v1/epss?cve=CVE-2007-2449

http://secunia.com/advisories/26076

http://secunia.com/advisories/27037

http://secunia.com/advisories/27727

http://secunia.com/advisories/29392

http://secunia.com/advisories/30802

http://secunia.com/advisories/31493

http://secunia.com/advisories/33668

http://securityreason.com/securityalert/2804

https://exchange.xforce.ibmcloud.com/vulnerabilities/34869

https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10578

http://support.apple.com/kb/HT2163

http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html

http://tomcat.apache.org/security-4.html

http://tomcat.apache.org/security-5.html

http://tomcat.apache.org/security-6.html

http://www.mandriva.com/security/advisories?name=MDKSA-2007:241

http://www.redhat.com/support/errata/RHSA-2007-0569.html

http://www.redhat.com/support/errata/RHSA-2008-0261.html

http://www.securityfocus.com/archive/1/471351/100/0/threaded

http://www.securityfocus.com/archive/1/500396/100/0/threaded

http://www.securityfocus.com/archive/1/500412/100/0/threaded

http://www.securityfocus.com/bid/24476

http://www.securitytracker.com/id?1018245

http://www.vupen.com/english/advisories/2007/2213

http://www.vupen.com/english/advisories/2007/3386

http://www.vupen.com/english/advisories/2008/1981/references

http://www.vupen.com/english/advisories/2009/0233

244804

https://bugzilla.redhat.com/show_bug.cgi?id=244804

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.10:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.11:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.11:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.12:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.12:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.13:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.13:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.14:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.14:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.15:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.15:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.16:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.16:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.17:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.17:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.18:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.18:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.19:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.19:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.21:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.21:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.22:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.22:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.23:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.23:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.24:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.24:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.25:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.25:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.26:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.26:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.27:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.27:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.28:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.28:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.29:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.29:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.30:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.30:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.5:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.7:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.7:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.8:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.8:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.0.9:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.9:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*

CVE-2007-2449

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449

CVE-2007-2449

https://nvd.nist.gov/vuln/detail/CVE-2007-2449

CVE-2007-2449;OSVDB-36080

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/jsp/webapps/30189.txt

CVE-2007-2449;OSVDB-36080

Exploit

https://www.securityfocus.com/bid/24476/info

GHSA-hc39-rjwp-qffq

https://github.com/advisories/GHSA-hc39-rjwp-qffq

RHSA-2007:0569

https://access.redhat.com/errata/RHSA-2007:0569

RHSA-2007:0876

https://access.redhat.com/errata/RHSA-2007:0876

RHSA-2008:0261

https://access.redhat.com/errata/RHSA-2008:0261

RHSA-2008:0524

https://access.redhat.com/errata/RHSA-2008:0524

RHSA-2008:0630

https://access.redhat.com/errata/RHSA-2008:0630

Data source	Exploit-DB
Date added	June 14, 2007
Description	Apache Tomcat 6.0.13 - JSP Example Web Applications Cross-Site Scripting
Ransomware campaign use	Known
Source publication date	June 14, 2007
Exploit type	webapps
Platform	jsp
Source update date	Dec. 10, 2013
Source URL	https://www.securityfocus.com/bid/24476/info

Exploit-DB

June 14, 2007

Apache Tomcat 6.0.13 - JSP Example Web Applications Cross-Site Scripting

Known

June 14, 2007

webapps

jsp

Dec. 10, 2013

https://www.securityfocus.com/bid/24476/info

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2007-2449

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://tomcat.apache.org/security-4.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://tomcat.apache.org/security-5.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://tomcat.apache.org/security-6.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-npzp-axqb-aaaa
Aliases	CVE-2007-2449 GHSA-hc39-rjwp-qffq
Summary	CVE-2007-2449 tomcat examples jsp XSS
Status	Published
Exploitability	2.0
Weighted Severity	6.2
Risk	10.0
Affected and Fixed Packages	Package Details

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-79	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

Percentile	0.97724
EPSS Score	0.63161
Published At	March 29, 2025, 12:55 p.m.