Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

apache tomcat 5.5.6 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2005-3510
Apache Tomcat 5.5.0 to 5.5.11 allows remote malicious users to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.
Apache Tomcat 5.5.10Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 5.5.11Apache Tomcat 5.5.6Apache Tomcat 5.5.5Apache Tomcat 5.5.3Apache Tomcat 5.5.9Apache Tomcat 5.5.2Apache Tomcat 5.5.0Apache Tomcat 5.5.8
NA
CVE-2006-7195
Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 up to and including 5.0.30 and 5.5.0 up to and including 5.5.17 allows remote malicious users to inject arbitrary web script or HTML via certain header values.
Apache Tomcat 5.0.19Apache Tomcat 5.5.12Apache Tomcat 5.0.14Apache Tomcat 5.5.14Apache Tomcat 5.5.10Apache Tomcat 5.0.22Apache Tomcat 5.5.7Apache Tomcat 5.5.11Apache Tomcat 5.5.6Apache Tomcat 5.0.15Apache Tomcat 5.0.30Apache Tomcat 5.5.15Apache Tomcat 5.0.23Apache Tomcat 5.0.2Apache Tomcat 5.5.5Apache Tomcat 5.0.10Apache Tomcat 5.0.21Apache Tomcat 5.0.26Apache Tomcat 5.0.0Apache Tomcat 5.0.27Apache Tomcat 5.0.16Apache Tomcat 5.5.9
NA
CVE-2007-3386
Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote malicious users to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action...
Apache Tomcat 5.5.13Apache Tomcat 5.5.14Apache Tomcat 5.5.20Apache Tomcat 5.5.21Apache Tomcat 5.5.6Apache Tomcat 5.5.7Apache Tomcat 5.5.8Apache Tomcat 6.0.13Apache Tomcat 6.0.2Apache Tomcat 6.0.9Apache Tomcat 5.5.0Apache Tomcat 5.5.15Apache Tomcat 5.5.16Apache Tomcat 5.5.22Apache Tomcat 5.5.23Apache Tomcat 5.5.9Apache Tomcat 6.0.0Apache Tomcat 6.0.3Apache Tomcat 6.0.4Apache Tomcat 5.5.1Apache Tomcat 5.5.10Apache Tomcat 5.5.17
NA
CVE-2007-1858
The default SSL cipher configuration in Apache Tomcat 4.1.28 up to and including 4.1.31, 5.0.0 up to and including 5.0.30, and 5.5.0 up to and including 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote malicious users to obtain sensitive i...
Apache Tomcat 5.0.19Apache Tomcat 5.5.12Apache Tomcat 5.0.14Apache Tomcat 5.5.14Apache Tomcat 5.5.10Apache Tomcat 5.0.22Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 5.5.11Apache Tomcat 5.5.6Apache Tomcat 5.0.15Apache Tomcat 5.0.30Apache Tomcat 5.5.15Apache Tomcat 5.0.23Apache Tomcat 5.0.2Apache Tomcat 5.5.5Apache Tomcat 5.0.10Apache Tomcat 5.0.21Apache Tomcat 5.0.26Apache Tomcat 5.0.0Apache Tomcat 4.1.31
NA
CVE-2010-2227
Apache Tomcat 5.5.0 up to and including 5.5.29, 6.0.0 up to and including 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote malicious users to cause a denial of service (application outage) or obtain sensitive information via...
Apache Tomcat 5.5.27Apache Tomcat 5.5.18Apache Tomcat 5.5.12Apache Tomcat 5.5.14Apache Tomcat 5.5.10Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 5.5.11Apache Tomcat 5.5.28Apache Tomcat 5.5.6Apache Tomcat 5.5.26Apache Tomcat 5.5.20Apache Tomcat 5.5.15Apache Tomcat 5.5.5Apache Tomcat 5.5.21Apache Tomcat 5.5.22Apache Tomcat 5.5.3Apache Tomcat 5.5.9Apache Tomcat 5.5.25Apache Tomcat 5.5.2Apache Tomcat 5.5.0
NA
CVE-2006-7196
Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 up to and including 4.0.6, 4.1.0 up to and including 4.1.31, 5.0.0 up to and including 5.0.30, and 5.5.0 up to and including 5.5.15 allows remote malicious users to inject arbitrar...
Apache Tomcat 4.0.4Apache Tomcat 5.0.8Apache Tomcat 5.0.19Apache Tomcat 5.5.12Apache Tomcat 5.0.14Apache Tomcat 5.5.14Apache Tomcat 5.5.10Apache Tomcat 5.0.22Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 5.0.7Apache Tomcat 5.5.11Apache Tomcat 5.5.6Apache Tomcat 5.0.9Apache Tomcat 5.0.15Apache Tomcat 5.0.30Apache Tomcat 5.5.15Apache Tomcat 5.0.23Apache Tomcat 5.0.2Apache Tomcat 5.5.5Apache Tomcat 5.0.10
NA
CVE-2010-1157
Apache Tomcat 5.5.0 up to and including 5.5.29 and 6.0.0 up to and including 6.0.26 might allow remote malicious users to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading t...
Apache Tomcat 5.5.27Apache Tomcat 5.5.18Apache Tomcat 5.5.12Apache Tomcat 5.5.14Apache Tomcat 5.5.10Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 5.5.11Apache Tomcat 5.5.28Apache Tomcat 5.5.6Apache Tomcat 5.5.26Apache Tomcat 5.5.20Apache Tomcat 5.5.15Apache Tomcat 5.5.5Apache Tomcat 5.5.21Apache Tomcat 5.5.22Apache Tomcat 5.5.3Apache Tomcat 5.5.9Apache Tomcat 5.5.25Apache Tomcat 5.5.2Apache Tomcat 5.5.0
NA
CVE-2009-2901
The autodeployment process in Apache Tomcat 5.5.0 up to and including 5.5.28 and 6.0.0 up to and including 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote malicious users to bypass intended authentication requ...
Apache Tomcat 5.5.27Apache Tomcat 5.5.18Apache Tomcat 6.0.6Apache Tomcat 6.0.11Apache Tomcat 5.5.12Apache Tomcat 5.5.14Apache Tomcat 5.5.10Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 6.0.7Apache Tomcat 5.5.11Apache Tomcat 5.5.28Apache Tomcat 6.0.4Apache Tomcat 5.5.6Apache Tomcat 5.5.26Apache Tomcat 5.5.20Apache Tomcat 5.5.15Apache Tomcat 5.5.5Apache Tomcat 6.0.15Apache Tomcat 5.5.21Apache Tomcat 5.5.22
NA
CVE-2009-2902
Directory traversal vulnerability in Apache Tomcat 5.5.0 up to and including 5.5.28 and 6.0.0 up to and including 6.0.20 allows remote malicious users to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.
Apache Tomcat 5.5.27Apache Tomcat 5.5.18Apache Tomcat 6.0.6Apache Tomcat 6.0.11Apache Tomcat 5.5.12Apache Tomcat 5.5.14Apache Tomcat 5.5.10Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 6.0.7Apache Tomcat 5.5.11Apache Tomcat 5.5.28Apache Tomcat 6.0.4Apache Tomcat 5.5.6Apache Tomcat 5.5.26Apache Tomcat 5.5.20Apache Tomcat 5.5.15Apache Tomcat 5.5.5Apache Tomcat 6.0.15Apache Tomcat 5.5.21Apache Tomcat 5.5.22
NA
CVE-2009-2693
Directory traversal vulnerability in Apache Tomcat 5.5.0 up to and including 5.5.28 and 6.0.0 up to and including 6.0.20 allows remote malicious users to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat ...
Apache Tomcat 5.5.27Apache Tomcat 5.5.18Apache Tomcat 6.0.6Apache Tomcat 6.0.11Apache Tomcat 5.5.12Apache Tomcat 5.5.14Apache Tomcat 5.5.10Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 6.0.7Apache Tomcat 5.5.11Apache Tomcat 5.5.28Apache Tomcat 6.0.4Apache Tomcat 5.5.6Apache Tomcat 5.5.26Apache Tomcat 5.5.20Apache Tomcat 5.5.15Apache Tomcat 5.5.5Apache Tomcat 6.0.15Apache Tomcat 5.5.21Apache Tomcat 5.5.22
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744privilege escalationCVE-2024-30253CVE-2024-3914cross-site scriptingCVE-2024-31497CVE-2024-3400CVE-2024-32341hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook