CVE-2011-5062 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:P/I:N/A:N
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 89%

Vendor	Product	Version
apache	tomcat	5.5.0
apache	tomcat	5.5.1
apache	tomcat	5.5.2
apache	tomcat	5.5.3
apache	tomcat	5.5.4
apache	tomcat	5.5.5
apache	tomcat	5.5.6
apache	tomcat	5.5.7
apache	tomcat	5.5.8
apache	tomcat	5.5.9
apache	tomcat	5.5.10
apache	tomcat	5.5.11
apache	tomcat	5.5.12
apache	tomcat	5.5.13
apache	tomcat	5.5.14
apache	tomcat	5.5.15
apache	tomcat	5.5.16
apache	tomcat	5.5.17
apache	tomcat	5.5.18
apache	tomcat	5.5.19
apache	tomcat	5.5.20
apache	tomcat	5.5.21
apache	tomcat	5.5.22
apache	tomcat	5.5.23
apache	tomcat	5.5.24
apache	tomcat	5.5.25
apache	tomcat	5.5.26
apache	tomcat	5.5.27
apache	tomcat	5.5.28
apache	tomcat	5.5.29
apache	tomcat	5.5.30
apache	tomcat	5.5.31
apache	tomcat	5.5.32
apache	tomcat	5.5.33
apache	tomcat	6.0
apache	tomcat	6.0.0
apache	tomcat	6.0.1
apache	tomcat	6.0.2
apache	tomcat	6.0.3
apache	tomcat	6.0.4
apache	tomcat	6.0.5
apache	tomcat	6.0.6
apache	tomcat	6.0.7
apache	tomcat	6.0.8
apache	tomcat	6.0.9
apache	tomcat	6.0.10
apache	tomcat	6.0.11
apache	tomcat	6.0.12
apache	tomcat	6.0.13
apache	tomcat	6.0.14
apache	tomcat	6.0.15
apache	tomcat	6.0.16
apache	tomcat	6.0.17
apache	tomcat	6.0.18
apache	tomcat	6.0.19
apache	tomcat	6.0.20
apache	tomcat	6.0.24
apache	tomcat	6.0.26
apache	tomcat	6.0.27
apache	tomcat	6.0.28
apache	tomcat	6.0.29
apache	tomcat	6.0.30
apache	tomcat	6.0.31
apache	tomcat	6.0.32
apache	tomcat	7.0.0
apache	tomcat	7.0.0:beta
apache	tomcat	7.0.1
apache	tomcat	7.0.2
apache	tomcat	7.0.3
apache	tomcat	7.0.4
apache	tomcat	7.0.5
apache	tomcat	7.0.6
apache	tomcat	7.0.7
apache	tomcat	7.0.8
apache	tomcat	7.0.9
apache	tomcat	7.0.10
apache	tomcat	7.0.11

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

tomcat5.5

oneiric	dne
natty	dne
maverick	dne
lucid	dne
hardy	ignored

tomcat6

oneiric	Fixed 6.0.32-5ubuntu1.1 released
natty	Fixed 6.0.28-10ubuntu2.2 released
maverick	Fixed 6.0.28-2ubuntu1.5 released
lucid	Fixed 6.0.24-2ubuntu1.9 released
hardy	dne

tomcat7

oneiric	not-affected
natty	dne
maverick	dne
lucid	dne
hardy	dne

Common Weakness Enumeration

CWE-264 -

References

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00006.html

http://marc.info/?l=bugtraq&m=139344343412337&w=2

http://rhn.redhat.com/errata/RHSA-2012-0074.html

http://rhn.redhat.com/errata/RHSA-2012-0075.html

http://rhn.redhat.com/errata/RHSA-2012-0076.html

http://rhn.redhat.com/errata/RHSA-2012-0077.html

http://rhn.redhat.com/errata/RHSA-2012-0078.html

http://rhn.redhat.com/errata/RHSA-2012-0325.html

http://secunia.com/advisories/57126

http://svn.apache.org/viewvc?view=rev&rev=1087655

http://svn.apache.org/viewvc?view=rev&rev=1158180

http://svn.apache.org/viewvc?view=rev&rev=1159309

http://tomcat.apache.org/security-5.html

http://tomcat.apache.org/security-6.html

http://tomcat.apache.org/security-7.html

http://www.debian.org/security/2012/dsa-2401

http://www.redhat.com/support/errata/RHSA-2011-1845.html

https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00006.html

http://marc.info/?l=bugtraq&m=139344343412337&w=2

http://rhn.redhat.com/errata/RHSA-2012-0074.html

http://rhn.redhat.com/errata/RHSA-2012-0075.html

http://rhn.redhat.com/errata/RHSA-2012-0076.html

http://rhn.redhat.com/errata/RHSA-2012-0077.html

http://rhn.redhat.com/errata/RHSA-2012-0078.html

http://rhn.redhat.com/errata/RHSA-2012-0325.html

http://secunia.com/advisories/57126

http://svn.apache.org/viewvc?view=rev&rev=1087655

http://svn.apache.org/viewvc?view=rev&rev=1158180

http://svn.apache.org/viewvc?view=rev&rev=1159309

http://tomcat.apache.org/security-5.html

http://tomcat.apache.org/security-6.html

http://tomcat.apache.org/security-7.html

http://www.debian.org/security/2012/dsa-2401

http://www.redhat.com/support/errata/RHSA-2011-1845.html

https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E