[Tomcat, HTTPD, Servlets & JSP] - JBoss 4.2.2 AS Vulnerability to CVE-2008-2938 - jboss-user

Monday, 25 August 2008

Hi there,
my first post here.
My security advisor (not to say security watch-dog) ask me if JBoss 4.2.2 is vulnerable to
CVE-2008-2938  as stated in http://www.kb.cert.org/vuls/id/343355. This flaw applies to
Tomcat 6.x prior to 6.0.18. jboss-4.2.2.GA/docs/licenses/thirdparty-licenses.xml says
Tomcat 6.0.10 is used. Any hints on this?

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4172312#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[Tomcat, HTTPD, Servlets & JSP] - JBoss 4.2.2 AS Vulnerability to CVE-2008-2938