CVE-2008-0002

Publication date 12 February 2008

Last updated 24 July 2024

Description

Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
tomcat5	7.10 gutsy	Not in release
	7.04 feisty	Not affected
	6.10 edgy	Not affected
	6.06 LTS dapper	Not affected
tomcat5.5	7.10 gutsy	Not affected
	7.04 feisty	Not affected
	6.10 edgy	Not affected
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

Notes

fujitsu

Only 0.6.x affected.

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2008-0002