Severity: MEDIUM (CVSS v2 base score 4.3)

CVE-2011-0013

Published: 19/02/2011 Updated: 13/08/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

Vulnerability Summary

SUSE Linux Security Vulnerability: CVE-2011-0013

An attacker could send crafted input to Tomcat and cause it to crash or read and write arbitrary files.

Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.

Apache Tomcat contains a vulnerability that could allow an authenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper sanitization of user-supplied input in the HTML Manager component. An authenticated, remote attacker could exploit the vulnerability by convincing a user to view a malicious web application in the administrative interface. If successful, the attacker could execute arbitrary script code in the user's browser session in the security context of the affected site. Proof-of-concept code that exploits the vulnerability is publicly available. Apache has confirmed the vulnerability and released updated software.

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Access Complexity: MEDIUM
Authentication: NONE
Access Vector: NETWORK
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Affected Products

Vendor: Apache
Product: Tomcat
Versions: 5.5.0, 5.5.1, 5.5.2, 5.5.3, 5.5.4, 5.5.5, 5.5.6, 5.5.7, 5.5.8, 5.5.9, 5.5.10, 5.5.11, 5.5.12, 5.5.13, 5.5.14, 5.5.15, 5.5.16, 5.5.17, 5.5.18, 5.5.19, 5.5.20, 5.5.21, 5.5.22, 5.5.23, 5.5.24, 5.5.25, 5.5.26, 5.5.27, 5.5.28, 5.5.29, 5.5.30, 5.5.31, 6.0, 6.0.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.0.10, 6.0.11, 6.0.12, 6.0.13, 6.0.14, 6.0.15, 6.0.16, 6.0.17, 6.0.18, 6.0.19, 6.0.20, 6.0.24, 6.0.26, 6.0.27, 6.0.28, 6.0.29, 7.0.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5

Vendor Advisories

Synopsis: Moderate: tomcat5 security update. Type/Severity: Security Advisory: Moderate. Topic: Updated tomcat5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerabili ...
An attacker could send crafted input to Tomcat and cause it to crash or read and write arbitrary files ...
Several vulnerabilities were discovered in the Tomcat Servlet and JSP engine: CVE-2010-3718: It was discovered that the SecurityManager insufficiently restricted the working directory. CVE-2011-0013: It was discovered that the HTML manager interface is affected by cross-site scripting. CVE-2011-0534: It was discovered that N ...

Mailing Lists

Apache Tomcat Manager suffers from a cross-site scripting vulnerability. Versions 7.0.0 through 7.0.5, 6.0.0 through 6.0.29, and 5.5.0 through 5.5.31 are affected ...

References

CWE-79
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://marc.info/?l=bugtraq&m=130168502603566&w=2
http://marc.info/?l=bugtraq&m=132215163318824&w=2
http://marc.info/?l=bugtraq&m=136485229118404&w=2
http://marc.info/?l=bugtraq&m=139344343412337&w=2
http://secunia.com/advisories/43192
http://secunia.com/advisories/45022
http://secunia.com/advisories/57126
http://securityreason.com/securityalert/8093
http://support.apple.com/kb/HT5002
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html
http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.32
http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.30
http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.6_(released_14_Jan_2011)
http://www.debian.org/security/2011/dsa-2160
http://www.mandriva.com/security/advisories?name=MDVSA-2011:030
http://www.redhat.com/support/errata/RHSA-2011-0791.html
http://www.redhat.com/support/errata/RHSA-2011-0896.html
http://www.redhat.com/support/errata/RHSA-2011-0897.html
http://www.redhat.com/support/errata/RHSA-2011-1845.html
http://www.securityfocus.com/archive/1/516209/30/90/threaded
http://www.securityfocus.com/bid/46174
http://www.securitytracker.com/id?1025026
http://www.vupen.com/english/advisories/2011/0376
https://bugzilla.redhat.com/show_bug.cgi?id=675786
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12878
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14945
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19269
https://www.rapid7.com/db/vulnerabilities/suse-cve-2011-0013
http://tools.cisco.com/security/center/viewAlert.x?alertId=22368
https://nvd.nist.gov
https://usn.ubuntu.com/1097-1/