Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2008-0002

Published: Feb 12, 2008 | Modified: Apr 09, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu
LOW
Vulnerability-free packages from our partners
root.io logo minimus.io logo echo.ai logo
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2008-0002
CWEhttps://cwe.mitre.org/data/definitions/NVD-Other.html

Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.

Affected Software

NameVendorStart VersionEnd Version
TomcatApache6.0.5 (including)6.0.5 (including)
TomcatApache6.0.6 (including)6.0.6 (including)
TomcatApache6.0.7 (including)6.0.7 (including)
TomcatApache6.0.8 (including)6.0.8 (including)
TomcatApache6.0.9 (including)6.0.9 (including)
TomcatApache6.0.10 (including)6.0.10 (including)
TomcatApache6.0.11 (including)6.0.11 (including)
TomcatApache6.0.12 (including)6.0.12 (including)
TomcatApache6.0.13 (including)6.0.13 (including)
TomcatApache6.0.14 (including)6.0.14 (including)
TomcatApache6.0.15 (including)6.0.15 (including)
JBEAP 4.2.0 for RHEL 4RedHatglassfish-javamail-0:1.4.0-0jpp.ep1.8*
JBEAP 4.2.0 for RHEL 4RedHathibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4*
JBEAP 4.2.0 for RHEL 4RedHathibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4*
JBEAP 4.2.0 for RHEL 4RedHathibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4*
JBEAP 4.2.0 for RHEL 4RedHathsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1*
JBEAP 4.2.0 for RHEL 4RedHatjacorb-0:2.3.0-1jpp.ep1.4*
JBEAP 4.2.0 for RHEL 4RedHatjboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4*
JBEAP 4.2.0 for RHEL 4RedHatjbossas-0:4.2.0-3.GA_CP02.ep1.3.el4*
JBEAP 4.2.0 for RHEL 4RedHatjboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4*
JBEAP 4.2.0 for RHEL 4RedHatjboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1*
JBEAP 4.2.0 for RHEL 4RedHatjboss-seam-0:1.2.1-1.ep1.3.el4*
JBEAP 4.2.0 for RHEL 4RedHatjbossweb-0:2.0.0-3.CP05.0jpp.ep1.1*
JBEAP 4.2.0 for RHEL 4RedHatjbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4*
JBEAP 4.2.0 for RHEL 4RedHatjcommon-0:1.0.12-1jpp.ep1.2.el4*
JBEAP 4.2.0 for RHEL 4RedHatjfreechart-0:1.0.9-1jpp.ep1.2.el4*
JBEAP 4.2.0 for RHEL 4RedHatjgroups-1:2.4.1-1.SP4.0jpp.ep1.2*
JBEAP 4.2.0 for RHEL 4RedHatrh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4*
JBEAP 4.2.0 for RHEL 5RedHathibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1*
JBEAP 4.2.0 for RHEL 5RedHathibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1*
JBEAP 4.2.0 for RHEL 5RedHatjacorb-0:2.3.0-1jpp.ep1.5.el5*
JBEAP 4.2.0 for RHEL 5RedHatjboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5*
JBEAP 4.2.0 for RHEL 5RedHatjbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3*
JBEAP 4.2.0 for RHEL 5RedHatjboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5*
JBEAP 4.2.0 for RHEL 5RedHatjboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5*
JBEAP 4.2.0 for RHEL 5RedHatjboss-seam-0:1.2.1-1.ep1.3.el5*
JBEAP 4.2.0 for RHEL 5RedHatjbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5*
JBEAP 4.2.0 for RHEL 5RedHatjcommon-0:1.0.12-1jpp.ep1.2.el5*
JBEAP 4.2.0 for RHEL 5RedHatjfreechart-0:1.0.9-1jpp.ep1.2.el5.1*
JBEAP 4.2.0 for RHEL 5RedHatrh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1*
Red Hat Web Application Stack for RHEL 4RedHatconcurrent-0:1.3.4-7jpp.ep1.6.el4*
Red Hat Web Application Stack for RHEL 4RedHatglassfish-jaf-0:1.1.0-0jpp.ep1.10.el4*
Red Hat Web Application Stack for RHEL 4RedHatglassfish-javamail-0:1.4.0-0jpp.ep1.8*
Red Hat Web Application Stack for RHEL 4RedHatglassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18*
Red Hat Web Application Stack for RHEL 4RedHatglassfish-jstl-0:1.2.0-0jpp.ep1.2*
Red Hat Web Application Stack for RHEL 4RedHathibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4*
Red Hat Web Application Stack for RHEL 4RedHathibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4*
Red Hat Web Application Stack for RHEL 4RedHathibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4*
Red Hat Web Application Stack for RHEL 4RedHathsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1*
Red Hat Web Application Stack for RHEL 4RedHatjacorb-0:2.3.0-1jpp.ep1.4*
Red Hat Web Application Stack for RHEL 4RedHatjboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4*
Red Hat Web Application Stack for RHEL 4RedHatjbossas-0:4.2.0-3.GA_CP02.ep1.3.el4*
Red Hat Web Application Stack for RHEL 4RedHatjboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4*
Red Hat Web Application Stack for RHEL 4RedHatjboss-common-0:1.2.1-0jpp.ep1.2*
Red Hat Web Application Stack for RHEL 4RedHatjboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1*
Red Hat Web Application Stack for RHEL 4RedHatjboss-seam-0:1.2.1-1.ep1.3.el4*
Red Hat Web Application Stack for RHEL 4RedHatjbossweb-0:2.0.0-3.CP05.0jpp.ep1.1*
Red Hat Web Application Stack for RHEL 4RedHatjbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3*
Red Hat Web Application Stack for RHEL 4RedHatjbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4*
Red Hat Web Application Stack for RHEL 4RedHatjcommon-0:1.0.12-1jpp.ep1.2.el4*
Red Hat Web Application Stack for RHEL 4RedHatjfreechart-0:1.0.9-1jpp.ep1.2.el4*
Red Hat Web Application Stack for RHEL 4RedHatjgroups-1:2.4.1-1.SP4.0jpp.ep1.2*
Red Hat Web Application Stack for RHEL 4RedHatrh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4*
Red Hat Web Application Stack for RHEL 4RedHatwsdl4j-0:1.6.2-1jpp.ep1.8*

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2026 Aqua Security Software Ltd.   Privacy Policy | Terms of Use