Frame injection Affecting org.apache.tomcat:catalina package, versions [6.0.0,6.0.39)

Attack Complexity

High

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

snyk-id

SNYK-JAVA-ORGAPACHETOMCAT-467247
published

20 Aug 2019
disclosed

18 Jun 2013
credit

Unknown

Report a new vulnerability Found a mistake?

Introduced: 18 Jun 2013

CVE-2013-1571 Open this link in a new tab CWE-1021 Open this link in a new tab

How to fix?

Upgrade org.apache.tomcat:catalina to version 6.0.39 or higher.

Overview

org.apache.tomcat:catalina is a Servlet Engine Core Classes and Standard implementations.

Affected versions of this package are vulnerable to Frame injection. Tomcat 6 is built with Java 5 which is known to generate Javadoc with a frame injection vulnerability.

References

Apache Tomcat 6 Advisory Details
CVE Details
GitHub Commit

Frame injection Affecting org.apache.tomcat:catalina package, versions [6.0.0,6.0.39)

Attack Complexity

snyk-id

published

disclosed

credit

Introduced: 18 Jun 2013

How to fix?

Overview

References