AVG-51

Package tomcat6
Status Fixed
Severity Medium
Type proxy injection
Affected 6.0.45-1
Fixed 6.0.47-1
Current Removed
Ticket None
Created Tue Oct 25 08:16:16 2016
Issue Severity Remote Type Description
CVE-2016-5388 Medium Yes Proxy injection
It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which...
Date Advisory Package Description
02 Nov 2016 ASA-201611-6 tomcat6 proxy injection