CVE Kennung:	CVE-2009-0781
Beschreibung:	Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML."
Test Kennungen:	1.3.6.1.4.1.25623.1.0.800372   1.3.6.1.4.1.25623.1.0.66330   1.3.6.1.4.1.25623.1.0.66329   1.3.6.1.4.1.25623.1.0.66326
Querverweise:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0781 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html Bugtraq: 20090306 [SECURITY] CVE-2009-0781 XSS in Apache Tomcat examples web application (Google Search) http://www.securityfocus.com/archive/1/501538/100/0/threaded Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search) http://www.securityfocus.com/archive/1/507985/100/0/threaded Debian Security Information: DSA-2207 (Google Search) http://www.debian.org/security/2011/dsa-2207 https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html HPdes Security Advisory: HPSBMA02535 http://marc.info/?l=bugtraq&m=127420533226623&w=2 HPdes Security Advisory: HPSBOV02762 http://marc.info/?l=bugtraq&m=133469267822771&w=2 HPdes Security Advisory: HPSBUX02579 http://marc.info/?l=bugtraq&m=129070310906557&w=2 HPdes Security Advisory: HPSBUX02860 http://marc.info/?l=bugtraq&m=136485229118404&w=2 HPdes Security Advisory: SSRT100029 http://marc.info/?l=bugtraq&m=127420533226623&w=2 HPdes Security Advisory: SSRT100203 http://marc.info/?l=bugtraq&m=129070310906557&w=2 HPdes Security Advisory: SSRT100825 http://marc.info/?l=bugtraq&m=133469267822771&w=2 HPdes Security Advisory: SSRT101146 http://marc.info/?l=bugtraq&m=136485229118404&w=2 http://www.mandriva.com/security/advisories?name=MDVSA-2009:136 http://www.mandriva.com/security/advisories?name=MDVSA-2009:138 https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11041 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19345 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6564 http://secunia.com/advisories/35685 http://secunia.com/advisories/35788 http://secunia.com/advisories/37460 http://secunia.com/advisories/42368 http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1 SuSE Security Announcement: SUSE-SR:2009:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://www.vupen.com/english/advisories/2009/1856 http://www.vupen.com/english/advisories/2009/3316 http://www.vupen.com/english/advisories/2010/3056 XForce ISS Database: tomcat-cal2-xss(49213) https://exchange.xforce.ibmcloud.com/vulnerabilities/49213