Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2008-0002

Published: Feb 12, 2008 | Modified: Oct 15, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu
LOW
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2008-0002
CWEhttps://cwe.mitre.org/data/definitions/NVD-Other.html

Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.

Affected Software

Name Vendor Start Version End Version
Tomcat Apache 6.0.5 (including) 6.0.5 (including)
Tomcat Apache 6.0.6 (including) 6.0.6 (including)
Tomcat Apache 6.0.7 (including) 6.0.7 (including)
Tomcat Apache 6.0.8 (including) 6.0.8 (including)
Tomcat Apache 6.0.9 (including) 6.0.9 (including)
Tomcat Apache 6.0.10 (including) 6.0.10 (including)
Tomcat Apache 6.0.11 (including) 6.0.11 (including)
Tomcat Apache 6.0.12 (including) 6.0.12 (including)
Tomcat Apache 6.0.13 (including) 6.0.13 (including)
Tomcat Apache 6.0.14 (including) 6.0.14 (including)
Tomcat Apache 6.0.15 (including) 6.0.15 (including)
JBEAP 4.2.0 for RHEL 4 RedHat glassfish-javamail-0:1.4.0-0jpp.ep1.8 *
JBEAP 4.2.0 for RHEL 4 RedHat hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4 *
JBEAP 4.2.0 for RHEL 4 RedHat hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4 *
JBEAP 4.2.0 for RHEL 4 RedHat hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4 *
JBEAP 4.2.0 for RHEL 4 RedHat hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1 *
JBEAP 4.2.0 for RHEL 4 RedHat jacorb-0:2.3.0-1jpp.ep1.4 *
JBEAP 4.2.0 for RHEL 4 RedHat jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4 *
JBEAP 4.2.0 for RHEL 4 RedHat jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4 *
JBEAP 4.2.0 for RHEL 4 RedHat jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4 *
JBEAP 4.2.0 for RHEL 4 RedHat jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1 *
JBEAP 4.2.0 for RHEL 4 RedHat jboss-seam-0:1.2.1-1.ep1.3.el4 *
JBEAP 4.2.0 for RHEL 4 RedHat jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1 *
JBEAP 4.2.0 for RHEL 4 RedHat jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4 *
JBEAP 4.2.0 for RHEL 4 RedHat jcommon-0:1.0.12-1jpp.ep1.2.el4 *
JBEAP 4.2.0 for RHEL 4 RedHat jfreechart-0:1.0.9-1jpp.ep1.2.el4 *
JBEAP 4.2.0 for RHEL 4 RedHat jgroups-1:2.4.1-1.SP4.0jpp.ep1.2 *
JBEAP 4.2.0 for RHEL 4 RedHat rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4 *
JBEAP 4.2.0 for RHEL 5 RedHat hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1 *
JBEAP 4.2.0 for RHEL 5 RedHat hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1 *
JBEAP 4.2.0 for RHEL 5 RedHat jacorb-0:2.3.0-1jpp.ep1.5.el5 *
JBEAP 4.2.0 for RHEL 5 RedHat jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5 *
JBEAP 4.2.0 for RHEL 5 RedHat jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3 *
JBEAP 4.2.0 for RHEL 5 RedHat jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5 *
JBEAP 4.2.0 for RHEL 5 RedHat jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5 *
JBEAP 4.2.0 for RHEL 5 RedHat jboss-seam-0:1.2.1-1.ep1.3.el5 *
JBEAP 4.2.0 for RHEL 5 RedHat jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5 *
JBEAP 4.2.0 for RHEL 5 RedHat jcommon-0:1.0.12-1jpp.ep1.2.el5 *
JBEAP 4.2.0 for RHEL 5 RedHat jfreechart-0:1.0.9-1jpp.ep1.2.el5.1 *
JBEAP 4.2.0 for RHEL 5 RedHat rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1 *
Red Hat Web Application Stack for RHEL 4 RedHat concurrent-0:1.3.4-7jpp.ep1.6.el4 *
Red Hat Web Application Stack for RHEL 4 RedHat glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4 *
Red Hat Web Application Stack for RHEL 4 RedHat glassfish-javamail-0:1.4.0-0jpp.ep1.8 *
Red Hat Web Application Stack for RHEL 4 RedHat glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18 *
Red Hat Web Application Stack for RHEL 4 RedHat glassfish-jstl-0:1.2.0-0jpp.ep1.2 *
Red Hat Web Application Stack for RHEL 4 RedHat hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4 *
Red Hat Web Application Stack for RHEL 4 RedHat hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4 *
Red Hat Web Application Stack for RHEL 4 RedHat hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4 *
Red Hat Web Application Stack for RHEL 4 RedHat hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1 *
Red Hat Web Application Stack for RHEL 4 RedHat jacorb-0:2.3.0-1jpp.ep1.4 *
Red Hat Web Application Stack for RHEL 4 RedHat jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4 *
Red Hat Web Application Stack for RHEL 4 RedHat jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4 *
Red Hat Web Application Stack for RHEL 4 RedHat jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4 *
Red Hat Web Application Stack for RHEL 4 RedHat jboss-common-0:1.2.1-0jpp.ep1.2 *
Red Hat Web Application Stack for RHEL 4 RedHat jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1 *
Red Hat Web Application Stack for RHEL 4 RedHat jboss-seam-0:1.2.1-1.ep1.3.el4 *
Red Hat Web Application Stack for RHEL 4 RedHat jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1 *
Red Hat Web Application Stack for RHEL 4 RedHat jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3 *
Red Hat Web Application Stack for RHEL 4 RedHat jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4 *
Red Hat Web Application Stack for RHEL 4 RedHat jcommon-0:1.0.12-1jpp.ep1.2.el4 *
Red Hat Web Application Stack for RHEL 4 RedHat jfreechart-0:1.0.9-1jpp.ep1.2.el4 *
Red Hat Web Application Stack for RHEL 4 RedHat jgroups-1:2.4.1-1.SP4.0jpp.ep1.2 *
Red Hat Web Application Stack for RHEL 4 RedHat rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4 *
Red Hat Web Application Stack for RHEL 4 RedHat wsdl4j-0:1.6.2-1jpp.ep1.8 *

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use