CVE-2008-0002

Published: 12 February 2008

Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.

Notes

Author	Note
fujitsu	Only 0.6.x affected.

Priority

Status

Package	Release	Status
tomcat5 Launchpad, Ubuntu, Debian	dapper	Not vulnerable
	edgy	Not vulnerable
	feisty	Not vulnerable
	gutsy	Does not exist
	upstream	Not vulnerable
tomcat5.5 Launchpad, Ubuntu, Debian	dapper	Does not exist
	edgy	Not vulnerable
	feisty	Not vulnerable
	gutsy	Not vulnerable
	upstream	Not vulnerable

References

https://www.cve.org/CVERecord?id=CVE-2008-0002
NVD
Launchpad
Debian

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›