Multiple Tomcat vulnerabilities in Oracle Health Sciences LabPas

Posted by RitwikGhoshal on Oracle Blogs See other posts from Oracle Blogs or by RitwikGhoshal
Published on Wed, 12 Dec 2012 23:05:37 +0000 Indexed on 2012/12/13 5:11 UTC
Read the original article Hit count: 182

Filed under:
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-2733 Improper Input Validation vulnerability 5.0 Apache Tomcat
Oracle Health Sciences LabPas upgrade to Apache Tomcat v6.0.36
CVE-2012-3439 DIGEST authentication implementation issues 5.0
CVE-2012-3546 Security constraints bypass vulnerability 5.5
CVE-2012-4431 CSRF prevention filter bypass vulnerability 4.3
CVE-2012-4534 Denial of Service (DoS) vulnerability 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

© Oracle Blogs or respective owner

Related posts about /Alerts