[jboss-user] [Tomcat, HTTPD, Servlets & JSP] - Re: CVE-2007-3382/3385 + JBoss 4.0.3SP1
dabramov
do-not-reply at jboss.com
Mon Sep 24 16:50:11 EDT 2007
Can you confirm JBAS-2866 addresses these vulnerabilities since neither the description of the patch or JBAS-2866 explicitly reference either CVE-2007-3382 or CVE-2007-3385. (though JBAS-2866 is related to the use of quotes in cookies)
"Tomcat 5.5 servlet 2.4 web container with a fix for the JBAS-2866, as well as backported fixes for CVE-2005-2090, CVE-2006-3835, CVE-2006-7195, CVE-2007-0450, CVE-2007-1858, CVE-2005-3510, plus fixes for CVE-2007-2450 and CVE-2007-3386"
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4088178#4088178
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4088178
More information about the jboss-user
mailing list