JVNDB-2007-000297

Apache Tomcat Accept-Language Header Cross-Site Scripting Vulnerability

Overview

Apache Tomcat from the Apache Software Foundation contains a cross-site scripting vulnerability in the Accept-Language header handling.

Apache Tomcat from the Apache Software Foundation is an implementation of the Java Servlet and JavaServer Pages (JSP) technologies.

Apache Tomcat contains a cross-site scripting vulnerability. It is triggered when the value of the Accept-Language header sent by a client does not conform to the HTTP specification.

The vendor has confirmed that this vulnerability occurs when an outdated version of Flash is used.
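The advisory only says that the affected builds mishandle Accept-Language values that fall outside the standard. The following is an added example, not Tomcat's code and not part of the JVN record: a strict parser for the Accept-Language grammar of RFC 2616 (the HTTP/1.1 specification in force for these versions) and a hypothetical locale-selection filter that falls back to a default instead of reflecting a non-conforming value. The function names, the `supported` list and the sample headers are my own assumptions.

```python
import re

# Grammar from RFC 2616 section 14.4, the standard the advisory says is violated:
#   language-range = ( ( 1*8ALPHA *( "-" 1*8ALPHA ) ) | "*" )
#   qvalue         = ( "0" [ "." 0*3DIGIT ] ) | ( "1" [ "." 0*3("0") ] )
_LANGUAGE_RANGE = re.compile(r"^(?:\*|[A-Za-z]{1,8}(?:-[A-Za-z]{1,8})*)$")
_QVALUE = re.compile(r"^(?:0(?:\.[0-9]{0,3})?|1(?:\.0{0,3})?)$")

def parse_accept_language(header):
    """Return [(language_range, q), ...] sorted by descending q (stable), or
    raise ValueError for any element outside the RFC grammar."""
    results = []
    for raw in header.split(","):
        element = raw.strip()
        if not element:
            raise ValueError("empty element in Accept-Language")
        parts = [p.strip() for p in element.split(";")]
        lang_range = parts[0]
        if not _LANGUAGE_RANGE.match(lang_range):
            raise ValueError("non-conforming language-range: %r" % lang_range)
        q = 1.0
        for param in parts[1:]:  # only ";q=<qvalue>" is permitted here
            name, _, value = param.partition("=")
            if name.strip().lower() != "q" or not _QVALUE.match(value.strip()):
                raise ValueError("non-conforming parameter: %r" % param)
            q = float(value)
        results.append((lang_range, q))
    results.sort(key=lambda item: item[1], reverse=True)
    return results

def preferred_language(header, supported, default="en"):
    """Hypothetical locale filter: a malformed header only ever yields `default`,
    and the return value always comes from `supported`, never from the header."""
    try:
        ranges = parse_accept_language(header)
    except ValueError:
        return default  # refuse the crafted value instead of reflecting it
    by_lower = {s.lower(): s for s in supported}
    for lang_range, q in ranges:
        if q == 0:
            continue  # q=0 means "not acceptable"
        key = lang_range.lower()
        if key in by_lower:
            return by_lower[key]
        if key.split("-")[0] in by_lower:  # en-US falls back to en
            return by_lower[key.split("-")[0]]
    return default
```

Because the filter's output is always drawn from the server-side `supported` list, the same approach also keeps a non-conforming header out of error pages and logs that echo the negotiated locale.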

CVSS Severity

CVSS V2 Severity:
Base Metrics 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None

Affected Products

Apache Software Foundation
  • Apache Tomcat 4.0.0 - 4.0.6
  • Apache Tomcat 4.1.0 - 4.1.34
  • Apache Tomcat 5.0.0 - 5.0.30
  • Apache Tomcat 5.5.0 - 5.5.20
  • Apache Tomcat 6.0.0 - 6.0.5
Apple Inc.
  • Apple Mac OS X Server v10.4.10
Sun Microsystems, Inc.
  • Sun Solaris 10 (sparc)
  • Sun Solaris 10 (x86)
  • Sun Solaris 9 (sparc)
  • Sun Solaris 9 (x86)
Hewlett-Packard Development Company, L.P.
  • HP-UX 11.11
  • HP-UX 11.23
  • HP-UX 11.31
MIRACLE LINUX CORPORATION
  • Asianux Server 2.0
  • Asianux Server 2.1
NEC Corporation
  • WebOTX Application Server 6
  • WebOTX Application Server 7
Hitachi, Ltd
  • Cosminexus Application Server Enterprise Version 6
  • Cosminexus Application Server Standard Version 6
  • Cosminexus Application Server Version 5
  • Cosminexus Developer Standard Version 6
  • Cosminexus Developer Professional Version 6
  • Cosminexus Developer Light Version 6
  • Cosminexus Developer Version 5
  • uCosminexus Application Server Server Enterprise
  • uCosminexus Application Server Server Standard
  • uCosminexus Application Server Server Smart Edition
  • uCosminexus Developer Standard
  • uCosminexus Developer Professional
  • uCosminexus Developer Light
  • uCosminexus Service Platform
  • uCosminexus Service Architect
FUJITSU
  • Interstage Application Framework Suite
  • Interstage Application Server
  • Interstage Apworks /Studio
  • Interstage Business Application Server
  • Interstage Job Workload Server
  • Interstage Web Server

Impact

An arbitrary script may be executed on the user's web browser.

Solution

[Update the software]
Apply the latest updates provided by the vendor.
For more information, refer to the vendor's website.

Vendor Information

Apache Software Foundation
Apple Inc.
Sun Microsystems, Inc.
  • Sun Alert Notification : 239312
Hewlett-Packard Development Company, L.P.
MIRACLE LINUX CORPORATION
NEC Corporation
  • NEC Security Information : NV08-003 (Japanese)
Hitachi, Ltd
  • Hitachi Software Vulnerability Information : HS08-013
FUJITSU
  • FUJITSU Security Information : JVN#16535199 (Japanese)
  • Fujitsu Software Security Patches & Updates : CVE-2007-1358 (Japanese)

CWE

  1. Cross-site Scripting (CWE-79) [NVD Evaluation]

CVE

  1. CVE-2007-1358

References

  1. JVN : JVN#16535199
  2. National Vulnerability Database (NVD) : CVE-2007-1358
  3. Secunia Advisory : SA25721
  4. SecurityFocus : 24524
  5. SecurityTracker : 1018269
  6. FrSIRT Advisories : FrSIRT/ADV-2007-1729

Revision History

  • [2008/05/21]
      Web page published
  • [2008/06/10]
      Affected Products : Added NEC Corporation (NV08-003).
      Vendor Information : Added NEC Corporation (NV08-003).
  • [2008/07/04]
      Affected Products : Added Hitachi, Ltd (HS08-013).
      Vendor Information : Added Hitachi, Ltd (HS08-013).
  • [2008/07/11]
      Affected Products : Added Sun Microsystems, Inc. (239312).
      Vendor Information : Added Sun Microsystems, Inc. (239312).