CVE-2007-3385

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.

Published Bysecalert@redhat.com

Published DateAug 14, 2007, 22:17

Affected Versions(5)

org.apache.tomcat:tomcat(Maven)

Introduced6.0.0

FixedN/A

LimitN/A

org.apache.tomcat:tomcat(Maven)

Introduced5.5.0

FixedN/A

LimitN/A

org.apache.tomcat:tomcat(Maven)

Introduced5.0.0

FixedN/A

LimitN/A

org.apache.tomcat:tomcat(Maven)

Introduced4.1.0

FixedN/A

LimitN/A

org.apache.tomcat:tomcat(Maven)

Introduced3.3.0

FixedN/A

LimitN/A

Package (Ecosystem)	Introduced	Fixed	Limit
org.apache.tomcat:tomcat(Maven)	6.0.0	N/A	N/A
org.apache.tomcat:tomcat(Maven)	5.5.0	N/A	N/A
org.apache.tomcat:tomcat(Maven)	5.0.0	N/A	N/A
org.apache.tomcat:tomcat(Maven)	4.1.0	N/A	N/A
org.apache.tomcat:tomcat(Maven)	3.3.0	N/A	N/A

Weakness Type (CWE):CWE-200

CVSS Metrics

Base Score

4.3

Vector String

AV:N/AC:M/Au:N/C:P/I:N/A:N

Base Severity

Version

2.0

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality (C)

PARTIAL

Integrity (I)

NONE

Availability (A)

NONE

References

Weakness Type (CWE):CWE-200

CVSS Metrics

Base Score

4.3

Vector String

AV:N/AC:M/Au:N/C:P/I:N/A:N

Base Severity

Version

2.0

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality (C)

PARTIAL

Integrity (I)

NONE

Availability (A)

NONE