CVE Vulnerabilities

CVE-2006-0254

Published: Jan 18, 2006 | Modified: Oct 19, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Multiple cross-site scripting (XSS) vulnerabilities in Apache Geronimo 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) time parameter to cal2.jsp and (2) any invalid parameter, which causes an XSS when the log file is viewed by the Web-Access-Log viewer.

Affected Software

Name Vendor Start Version End Version
Geronimo Apache 1.0 1.0
Red Hat Application Server 3AS RedHat tomcat5 *
Red Hat Application Server v2 4AS RedHat ant *
Red Hat Application Server v2 4AS RedHat avalon-logkit *
Red Hat Application Server v2 4AS RedHat axis *
Red Hat Application Server v2 4AS RedHat carol *
Red Hat Application Server v2 4AS RedHat carol-irmi *
Red Hat Application Server v2 4AS RedHat c-jdbc *
Red Hat Application Server v2 4AS RedHat classpathx-jaf *
Red Hat Application Server v2 4AS RedHat classpathx-mail *
Red Hat Application Server v2 4AS RedHat ews-mapper *
Red Hat Application Server v2 4AS RedHat geronimo-specs *
Red Hat Application Server v2 4AS RedHat howl-logger *
Red Hat Application Server v2 4AS RedHat ishmael *
Red Hat Application Server v2 4AS RedHat jacorb *
Red Hat Application Server v2 4AS RedHat jonas *
Red Hat Application Server v2 4AS RedHat jonathan-jeremie *
Red Hat Application Server v2 4AS RedHat joram *
Red Hat Application Server v2 4AS RedHat jorm *
Red Hat Application Server v2 4AS RedHat jorm-rdb-adapter *
Red Hat Application Server v2 4AS RedHat jotm *
Red Hat Application Server v2 4AS RedHat log4j *
Red Hat Application Server v2 4AS RedHat medor *
Red Hat Application Server v2 4AS RedHat medor-expression *
Red Hat Application Server v2 4AS RedHat mx4j *
Red Hat Application Server v2 4AS RedHat objectweb-emb *
Red Hat Application Server v2 4AS RedHat octopus *
Red Hat Application Server v2 4AS RedHat opensaml *
Red Hat Application Server v2 4AS RedHat perseus-cache *
Red Hat Application Server v2 4AS RedHat perseus-persistence *
Red Hat Application Server v2 4AS RedHat rh-jonas-docs *
Red Hat Application Server v2 4AS RedHat servletapi3 *
Red Hat Application Server v2 4AS RedHat servletapi4 *
Red Hat Application Server v2 4AS RedHat speedo *
Red Hat Application Server v2 4AS RedHat struts *
Red Hat Application Server v2 4AS RedHat tomcat5 *
Red Hat Application Server v2 4AS RedHat tribe *
Red Hat Application Server v2 4AS RedHat ws-fx-addressing *
Red Hat Application Server v2 4AS RedHat wss4j *
Red Hat Application Server v2 4AS RedHat xdoclet *
Red Hat Application Server v2 4AS RedHat xerces-j2 *
Red Hat Application Server v2 4AS RedHat xml-commons *
Red Hat Application Server v2 4AS RedHat xml-security *
Red Hat Network Satellite Server v 4.2 RedHat jabberd-0:2.0s10-3.38.rhn *
Red Hat Network Satellite Server v 4.2 RedHat java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el4 *
Red Hat Network Satellite Server v 4.2 RedHat jfreechart-0:0.9.20-3.rhn *
Red Hat Network Satellite Server v 4.2 RedHat openmotif21-0:2.1.30-11.RHEL4.6 *
Red Hat Network Satellite Server v 4.2 RedHat perl-Crypt-CBC-0:2.24-1.el4 *
Red Hat Network Satellite Server v 4.2 RedHat rhn-apache-0:1.3.27-36.rhn.rhel4 *
Red Hat Network Satellite Server v 4.2 RedHat rhn-modjk-0:1.2.23-2rhn.rhel4 *
Red Hat Network Satellite Server v 4.2 RedHat rhn-modperl-0:1.29-16.rhel4 *
Red Hat Network Satellite Server v 4.2 RedHat rhn-modssl-0:2.8.12-8.rhn.10.rhel4 *
Red Hat Network Satellite Server v 4.2 RedHat tomcat5-0:5.0.30-0jpp_10rh *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat jabberd-0:2.0s10-3.37.rhn *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el3 *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat jfreechart-0:0.9.20-3.rhn *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat openmotif21-0:2.1.30-9.RHEL3.8 *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat perl-Crypt-CBC-0:2.24-1.el3 *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat rhn-apache-0:1.3.27-36.rhn.rhel3 *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat rhn-modjk-0:1.2.23-2rhn.rhel3 *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat rhn-modperl-0:1.29-16.rhel3 *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat rhn-modssl-0:2.8.12-8.rhn.10.rhel3 *
Red Hat Network Satellite Server v 4.2 (RHEL3) RedHat tomcat5-0:5.0.30-0jpp_10rh *
Red Hat Network Satellite Server v 5.0 RedHat jabberd-0:2.0s10-3.38.rhn *
Red Hat Network Satellite Server v 5.0 RedHat java-1.4.2-ibm-0:1.4.2.10-1jpp.2.el4 *
Red Hat Network Satellite Server v 5.0 RedHat jfreechart-0:0.9.20-3.rhn *
Red Hat Network Satellite Server v 5.0 RedHat openmotif21-0:2.1.30-11.RHEL4.6 *
Red Hat Network Satellite Server v 5.0 RedHat perl-Crypt-CBC-0:2.24-1.el4 *
Red Hat Network Satellite Server v 5.0 RedHat rhn-apache-0:1.3.27-36.rhn.rhel4 *
Red Hat Network Satellite Server v 5.0 RedHat rhn-modjk-0:1.2.23-2rhn.rhel4 *
Red Hat Network Satellite Server v 5.0 RedHat rhn-modperl-0:1.29-16.rhel4 *
Red Hat Network Satellite Server v 5.0 RedHat rhn-modssl-0:2.8.12-8.rhn.10.rhel4 *
Red Hat Network Satellite Server v 5.0 RedHat tomcat5-0:5.0.30-0jpp_10rh *
Red Hat Network Satellite Server v 5.1 RedHat jfreechart-0:0.9.20-3.rhn *
Red Hat Network Satellite Server v 5.1 RedHat mod_perl-0:2.0.2-12.el4 *
Red Hat Network Satellite Server v 5.1 RedHat perl-Crypt-CBC-0:2.24-1.el4 *
Red Hat Network Satellite Server v 5.1 RedHat rhn-web-0:5.1.1-7 *
Red Hat Network Satellite Server v 5.1 RedHat tomcat5-0:5.0.30-0jpp_10rh *

References