Rapid7 Vulnerability & Exploit Database

Sun Patch: SunOS 5.10_x86: Oracle Java Web Console 3.1 Patch

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

Sun Patch: SunOS 5.10_x86: Oracle Java Web Console 3.1 Patch

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

02/06/2012

Created

07/25/2018

Added

02/21/2012

Modified

03/21/2018

Description

Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.

Solution(s)

sunpatch-solaris-147674

References

https://attackerkb.com/topics/cve-2007-5333
APPLE-SA-2008-06-30
APPLE-SA-2008-10-09
APPLE-SA-2010-03-29-1
APPLE-SA-2011-10-12-3
APPLE-SA-2012-02-01-1
27006
27703
27706
29502
30494
30496
30633
31681
35193
35196
35263
35416
36954
37942
37944
37945
39635
41544
45015
46164
46174
46177
48456
48667
49143
49353
51200
51447
63078
64758
64859
99845
343355
903934
CVE - 2007-5333
CVE - 2007-5342
CVE - 2007-6286
CVE - 2008-0002
CVE - 2008-1232
CVE - 2008-1947
CVE - 2008-2370
CVE - 2008-2938
CVE - 2008-5515
CVE - 2009-0033
CVE - 2009-0580
CVE - 2009-0781
CVE - 2009-0783
CVE - 2009-2693
CVE - 2009-2901
CVE - 2009-2902
CVE - 2009-3548
CVE - 2010-1157
CVE - 2010-2227
CVE - 2010-3718
CVE - 2010-4172
CVE - 2010-4312
CVE - 2011-0013
CVE - 2011-0534
CVE - 2011-1184
CVE - 2011-2204
CVE - 2011-2526
CVE - 2011-2729
CVE - 2011-3190
CVE - 2011-3375
CVE - 2011-4858
CVE - 2011-5062
CVE - 2011-5063
CVE - 2011-5064
CVE - 2012-0022
CVE - 2013-5839
CVE - 2014-0390
CVE - 2017-10062
DSA-1447
DSA-1593
DSA-2160
DSA-2207
DSA-2401
Category I
V0027158
2011-A-0066
OVAL10231
OVAL10417
OVAL10422
OVAL10577
OVAL10587
OVAL10716
OVAL11041
OVAL11177
OVAL11181
OVAL11534
OVAL12517
OVAL12878
OVAL13969
OVAL14573
OVAL14743
OVAL14931
OVAL14933
OVAL14945
OVAL16925
OVAL18532
OVAL18886
OVAL18913
OVAL18915
OVAL18934
OVAL19110
OVAL19169
OVAL19247
OVAL19269
OVAL19345
OVAL19355
OVAL19379
OVAL19414
OVAL19431
OVAL19450
OVAL19452
OVAL19465
OVAL19492
OVAL19514
OVAL19532
OVAL5739
OVAL5876
OVAL5985
OVAL6009
OVAL6445
OVAL6450
OVAL6564
OVAL6628
OVAL7017
OVAL7033
OVAL7092
OVAL9101
RHSA-2008:0042
RHSA-2008:0195
RHSA-2008:0648
RHSA-2008:0831
RHSA-2008:0832
RHSA-2008:0833
RHSA-2008:0834
RHSA-2008:0862
RHSA-2008:0864
RHSA-2010:0119
RHSA-2010:0580
RHSA-2010:0581
RHSA-2010:0582
RHSA-2010:0583
RHSA-2011:0791
RHSA-2011:0896
RHSA-2011:0897
RHSA-2011:1291
RHSA-2011:1292
RHSA-2011:1845
RHSA-2012:0074
RHSA-2012:0075
RHSA-2012:0076
RHSA-2012:0077
RHSA-2012:0078
RHSA-2012:0089
RHSA-2012:0325
RHSA-2012:0345
RHSA-2012:0406
RHSA-2012:1331
147674-10
147674-11
39201
42816
44155
44156
44411
49213
50928
50930
51195
54182
55855
55856
55857
60264
63422
65159
65162
68238
68541
69161
69472
72425
90362

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;