Interstage Application Server: 情報漏えいの脆弱性について(CVE-2008-2370/CVE-2008-5515) (2010年10月27日)
1.脆弱性の説明
Servletサービスにおいて、情報漏えいの脆弱性が確認されました。
富士通は、「3. 該当システム・対策情報」にセキュリティパッチ、回避方法を提供していますので、早急に適用する様にお願いします。
Interstage製品については以下のページを参照してください。
https://www.fujitsu.com/jp/products/software/middleware/business-middleware/interstage/
2. 脆弱性のもたらす脅威
Webアプリケーション配下のアクセス制限をつけて保護しているコンテンツまたは内部情報を、遠隔の第三者によって取得される可能性があります。
本脆弱性の深刻度に関しては、「4. 関連情報」に記載のJVNおよびIPAの公開情報内にある、JVN「JPCERT/CCによる脆弱性分析結果」、IPA「本脆弱性の深刻度」を参照願います。
3. 該当システム・対策情報
3-1.該当システム
GP7000F, PRIMEPOWER, GP-S, SPARC Enterprise, PRIMERGY, GP5000, CELSIUS, FMVシリーズ, AT互換機, PRIMEQUEST
3-2.該当製品・対策Patch
・Interstage Application Framework Suite
・Interstage Application Server
・Interstage Apworks/Studio
・Interstage Business Application Server
・Interstage Job Workload Server
・Interstage Web Server
| 製品名 | 対象OS | パッケージ名 | Patch ID |
|---|---|---|---|
| Interstage Application Framework Suite Enterprise Edition 6.0 | Solaris 7, 8, 9 | FJSVjs4 | T0114S-07 |
| Interstage Application Framework Suite Enterprise Edition 6.0.1 | Solaris 7, 8, 9 | FJSVjs4 | T0163S-09 |
| Interstage Application Framework Suite Enterprise Edition 6.0.2 | Solaris 7, 8, 9 | FJSVjs4 | T0315S-03 |
| Interstage Application Framework Suite Enterprise Edition 7.0.1 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-11 |
| Interstage Application Framework Suite Standard Edition 6.0 | Solaris 7, 8, 9 | FJSVjs4 | T0114S-07 |
| Interstage Application Framework Suite Standard Edition 6.0.1 | Solaris 7, 8, 9 | FJSVjs4 | T0163S-09 |
| Interstage Application Framework Suite Standard Edition 6.0.2 | Solaris 7, 8, 9 | FJSVjs4 | T0315S-03 |
| Interstage Application Framework Suite Standard Edition 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
| Interstage Application Framework Suite Standard Edition 7.0.2 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-11 |
| Interstage Application Framework Suite Web Edition 6.0 | Solaris 7, 8, 9 | FJSVjs4 | T0114S-07 |
| Interstage Application Framework Suite Web Edition 6.0.1 | Solaris 7, 8, 9 | FJSVjs4 | T0163S-09 |
| Interstage Application Framework Suite Web Edition 6.0.2 | Solaris 7, 8, 9 | FJSVjs4 | T0315S-03 |
| Interstage Application Framework Suite Web Edition 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
| Interstage Application Framework Suite Web Edition 7.0.2 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-11 |
| Interstage Application Framework Suite Enterprise Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Framework Suite Enterprise Edition V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Framework Suite Enterprise Edition V6.0L10C | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Framework Suite Standard Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Framework Suite Standard Edition V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Framework Suite Standard Edition V6.0L10C | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Framework Suite Standard Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
| Interstage Application Framework Suite Standard Edition V7.0L11 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
| Interstage Application Framework Suite Web Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Framework Suite Web Edition V6.0L10A | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Framework Suite Web Edition V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Framework Suite Web Edition V6.0L10C | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Framework Suite Web Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
| Interstage Application Framework Suite Web Edition V7.0L11 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
| Interstage Application Framework Suite Enterprise Edition V6.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00274-09 |
| Interstage Application Framework Suite Standard Edition V6.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00274-09 |
| Interstage Application Framework Suite Standard Edition V7.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00836-09 |
| Interstage Application Framework Suite Standard Edition V7.0L11 | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVjs4 | T00836-09 |
| Interstage Application Framework Suite Web Edition V6.0L10 | RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVjs4 | T00274-09 |
| Interstage Application Framework Suite Web Edition V6.0L11 | RHEL-AS2.1(x86)/ ES2.1(x86)/ AS3(x86)/ ES3(x86) | FJSVjs4 | T00274-09 |
| Interstage Application Framework Suite Web Edition V7.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00836-09 |
| Interstage Application Framework Suite Web Edition V7.0L11 | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVjs4 | T00836-09 |
| 製品名 | 対象OS | パッケージ名 | Patch ID |
|---|---|---|---|
| Interstage Application Server Enterprise Edition 6.0 | Solaris 7, 8, 9 | FJSVjs4 | T0114S-07 |
| Interstage Application Server Enterprise Edition 6.0.1 | Solaris 7, 8, 9 | FJSVjs4 | T0163S-09 |
| Interstage Application Server Enterprise Edition 6.0.2 | Solaris 7, 8, 9 | FJSVjs4 | T0315S-03 |
| Interstage Application Server Enterprise Edition 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
| Interstage Application Server Enterprise Edition 7.0.1 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-11 |
| Interstage Application Server Enterprise Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000572SP-12 |
| Interstage Application Server Enterprise Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000574SP-12(*1) |
| Interstage Application Server Enterprise Edition 8.0.3 | Solaris 9, 10 | FJSVjs4 | T000572SP-12 |
| Interstage Application Server Enterprise Edition 8.0.3 | Solaris 9, 10 | FJSVjs4 | T000574SP-12(*1) |
| Interstage Application Server Enterprise Edition V9.0.0 | Solaris 9, 10 | FJSVjs5 | T001575SP-03 |
| Interstage Application Server Enterprise Edition V9.0.0 | Solaris 9, 10 | FJSVjs4 | T001582SP-02 |
| Interstage Application Server Enterprise Edition V9.1.0 | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
| Interstage Application Server Enterprise Edition V9.1.0 | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
| Interstage Application Server Enterprise Edition V9.1.0A | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
| Interstage Application Server Enterprise Edition V9.1.0A | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
| Interstage Application Server Enterprise Edition V9.1.0B | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
| Interstage Application Server Enterprise Edition V9.1.0B | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
| Interstage Application Server Standard Edition 6.0 | Solaris 7, 8, 9 | FJSVjs4 | T0114S-07 |
| Interstage Application Server Standard Edition 6.0.1 | Solaris 7, 8, 9 | FJSVjs4 | T0163S-09 |
| Interstage Application Server Standard Edition 6.0.2 | Solaris 7, 8, 9 | FJSVjs4 | T0315S-03 |
| Interstage Application Server Standard Edition 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
| Interstage Application Server Standard Edition 7.0.1 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-11 |
| Interstage Application Server Standard-J Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000573SP-12 |
| Interstage Application Server Standard-J Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000574SP-12(*1) |
| Interstage Application Server Standard-J Edition 8.0.3 | Solaris 9, 10 | FJSVjs4 | T000573SP-12 |
| Interstage Application Server Standard-J Edition 8.0.3 | Solaris 9, 10 | FJSVjs4 | T000574SP-12(*1) |
| Interstage Application Server Standard-J Edition V9.0.0 | Solaris 9, 10 | FJSVjs5 | T001575SP-03 |
| Interstage Application Server Standard-J Edition V9.0.0 | Solaris 9, 10 | FJSVjs4 | T001582SP-02 |
| Interstage Application Server Standard-J Edition V9.1.0 | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
| Interstage Application Server Standard-J Edition V9.1.0 | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
| Interstage Application Server Standard-J Edition V9.1.0A | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
| Interstage Application Server Standard-J Edition V9.1.0A | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
| Interstage Application Server Standard-J Edition V9.1.0B | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
| Interstage Application Server Standard-J Edition V9.1.0B | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
| Interstage Application Server Plus 6.0 | Solaris 7, 8, 9 | FJSVjs4 | T0114S-07 |
| Interstage Application Server Plus 6.0.1 | Solaris 7, 8, 9 | FJSVjs4 | T0163S-09 |
| Interstage Application Server Plus 6.0.2 | Solaris 7, 8, 9 | FJSVjs4 | T0315S-03 |
| Interstage Application Server Plus 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
| Interstage Application Server Plus 7.0.1 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-11 |
| Interstage Application Server Web-J Edition 6.0 | Solaris 7, 8, 9 | FJSVjs4 | T0114S-07 |
| Interstage Application Server Web-J Edition 6.0.1 | Solaris 7, 8, 9 | FJSVjs4 | T0163S-09 |
| Interstage Application Server Web-J Edition 6.0.2 | Solaris 7, 8, 9 | FJSVjs4 | T0315S-03 |
| Interstage Application Server Web-J Edition 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
| Interstage Application Server Web-J Edition 7.0.1 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-11 |
| Interstage Application Server Web-J Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000574SP-12 |
| Interstage Application Server Web-J Edition 8.0.3 | Solaris 9, 10 | FJSVjs4 | T000574SP-12 |
| Interstage Application Server Enterprise Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Server Enterprise Edition V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Server Enterprise Edition V6.0L10C | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Server Enterprise Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
| Interstage Application Server Enterprise Edition V7.0L11 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
| Interstage Application Server Enterprise Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000685WP-06 |
| Interstage Application Server Enterprise Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
| Interstage Application Server Enterprise Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000685WP-06 |
| Interstage Application Server Enterprise Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
| Interstage Application Server Enterprise Edition 8.0.3 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000685WP-06 |
| Interstage Application Server Enterprise Edition 8.0.3 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
| Interstage Application Server Enterprise Edition V9.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs5 | T001574WP-03 |
| Interstage Application Server Enterprise Edition V9.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T001581WP-01 |
| Interstage Application Server Enterprise Edition V9.1.0 | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server | F3FMjs5 | T003389WP-02 |
| Interstage Application Server Enterprise Edition V9.1.0 | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T003524WP-01 |
| Interstage Application Server Enterprise Edition V9.1.0B | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server | F3FMjs5 | T003389WP-02 |
| Interstage Application Server Enterprise Edition V9.1.0B | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T003524WP-01 |
| Interstage Application Server Standard Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Server Standard Edition V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Server Standard Edition V6.0L10C | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Server Standard Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
| Interstage Application Server Standard Edition V7.0L11 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
| Interstage Application Server Standard-J Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000686WP-06 |
| Interstage Application Server Standard-J Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
| Interstage Application Server Standard-J Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000686WP-06 |
| Interstage Application Server Standard-J Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
| Interstage Application Server Standard-J Edition 8.0.3 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000686WP-06 |
| Interstage Application Server Standard-J Edition 8.0.3 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
| Interstage Application Server Standard-J Edition V9.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs5 | T001574WP-03 |
| Interstage Application Server Standard-J Edition V9.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T001581WP-01 |
| Interstage Application Server Standard-J Edition V9.1.0 | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server | F3FMjs5 | T003389WP-02 |
| Interstage Application Server Standard-J Edition V9.1.0 | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T003524WP-01 |
| Interstage Application Server Standard-J Edition V9.1.0B | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server | F3FMjs5 | T003389WP-02 |
| Interstage Application Server Standard-J Edition V9.1.0B | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T003524WP-01 |
| Interstage Application Server Plus V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Server Plus V6.0L10A | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Server Plus V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Server Plus V6.0L10C | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Server Plus V7.0L10 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
| Interstage Application Server Plus V7.0L11 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
| Interstage Application Server Plus Developer V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0/ Windows XP | F3FMjs4 | TK00543 |
| Interstage Application Server Plus Developer V7.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows XP | F3FMjs4 | TK00544 |
| Interstage Application Server Web-J Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Server Web-J Edition V6.0L10A | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Server Web-J Edition V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Server Web-J Edition V6.0L10C | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0 | F3FMjs4 | TK00543 |
| Interstage Application Server Web-J Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
| Interstage Application Server Web-J Edition V7.0L10A | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
| Interstage Application Server Web-J Edition V7.0L11 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | TK00544 |
| Interstage Application Server Web-J Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06 |
| Interstage Application Server Web-J Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06 |
| Interstage Application Server Web-J Edition 8.0.3 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06 |
| Interstage Application Server Enterprise Edition 8.0.0 | Windows Server 2003(IPF) | F3FMjs4 | 後日提供 |
| Interstage Application Server Enterprise Edition 8.0.3 | Windows Server 2003(IPF) | F3FMjs4 | 後日提供 |
| Interstage Application Server Enterprise Edition V9.0.0 | Windows Server 2003(IPF) | F3FMjs5 | T001580IP-02 |
| Interstage Application Server Enterprise Edition V9.0.0 | Windows Server 2003(IPF) | F3FMjs4 | T001585IP-01 |
| Interstage Application Server Enterprise Edition V9.1.0 | Windows Server 2008(IPF)/ Windows Server 2003(IPF) | F3FMjs5 | T003523IP-01 |
| Interstage Application Server Enterprise Edition V9.1.0 | Windows Server 2008(IPF)/ Windows Server 2003(IPF) | F3FMjs4 | T003528IP-01 |
| Interstage Application Server Standard-J Edition V9.0.0 | Windows Server 2003(IPF) | F3FMjs5 | T001580IP-02 |
| Interstage Application Server Standard-J Edition V9.0.0 | Windows Server 2003(IPF) | F3FMjs4 | T001585IP-01 |
| Interstage Application Server Standard-J Edition V9.1.0 | Windows Server 2008(IPF)/ Windows Server 2003(IPF) | F3FMjs5 | T003523IP-01 |
| Interstage Application Server Standard-J Edition V9.1.0 | Windows Server 2008(IPF)/ Windows Server 2003(IPF) | F3FMjs4 | T003528IP-01 |
| Interstage Application Server Enterprise Edition V6.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00274-09 |
| Interstage Application Server Enterprise Edition V7.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00836-09 |
| Interstage Application Server Enterprise Edition V7.0L11 | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVjs4 | T00836-09 |
| Interstage Application Server Enterprise Edition 8.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000682LP-08 |
| Interstage Application Server Enterprise Edition 8.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000684LP-08(*1) |
| Interstage Application Server Enterprise Edition 8.0.3 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000682LP-08 |
| Interstage Application Server Enterprise Edition 8.0.3 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000684LP-08(*1) |
| Interstage Application Server Enterprise Edition V9.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T001576LP-03 |
| Interstage Application Server Enterprise Edition V9.0.0 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001577LP-03 |
| Interstage Application Server Enterprise Edition V9.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T001583LP-01 |
| Interstage Application Server Enterprise Edition V9.0.1 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T001284LP-03 |
| Interstage Application Server Enterprise Edition V9.0.1 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001285LP-03 |
| Interstage Application Server Enterprise Edition V9.0.1 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T001586LP-01 |
| Interstage Application Server Enterprise Edition V9.0.1B | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001285LP-03 |
| Interstage Application Server Enterprise Edition V9.1.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T003518LP-01 |
| Interstage Application Server Enterprise Edition V9.1.0 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T003520LP-01 |
| Interstage Application Server Enterprise Edition V9.1.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T003526LP-01 |
| Interstage Application Server Enterprise Edition V9.1.0B | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T003518LP-01 |
| Interstage Application Server Enterprise Edition V9.1.0B | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T003520LP-01 |
| Interstage Application Server Enterprise Edition V9.1.0B | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T003526LP-01 |
| Interstage Application Server Standard Edition V6.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00274-09 |
| Interstage Application Server Standard Edition V7.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00836-09 |
| Interstage Application Server Standard Edition V7.0L11 | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVjs4 | T00836-09 |
| Interstage Application Server Standard-J Edition 8.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000683LP-08 |
| Interstage Application Server Standard-J Edition 8.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000684LP-08(*1) |
| Interstage Application Server Standard-J Edition 8.0.3 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000683LP-08 |
| Interstage Application Server Standard-J Edition 8.0.3 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000684LP-08(*1) |
| Interstage Application Server Standard-J Edition V9.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T001576LP-03 |
| Interstage Application Server Standard-J Edition V9.0.0 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001577LP-03 |
| Interstage Application Server Standard-J Edition V9.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T001583LP-01 |
| Interstage Application Server Standard-J Edition V9.0.1 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T001284LP-03 |
| Interstage Application Server Standard-J Edition V9.0.1 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001285LP-03 |
| Interstage Application Server Standard-J Edition V9.0.1 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T001586LP-01 |
| Interstage Application Server Standard-J Edition V9.0.1B | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001285LP-03 |
| Interstage Application Server Standard-J Edition V9.1.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T003518LP-01 |
| Interstage Application Server Standard-J Edition V9.1.0 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T003520LP-01 |
| Interstage Application Server Standard-J Edition V9.1.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T003526LP-01 |
| Interstage Application Server Standard-J Edition V9.1.0B | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T003518LP-01 |
| Interstage Application Server Standard-J Edition V9.1.0B | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T003520LP-01 |
| Interstage Application Server Standard-J Edition V9.1.0B | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T003526LP-01 |
| Interstage Application Server Plus V6.0L10 | RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVjs4 | T00274-09 |
| Interstage Application Server Plus V6.0L11 | RHEL-AS2.1(x86)/ ES2.1(x86)/ AS3(x86)/ ES3(x86) | FJSVjs4 | T00274-09 |
| Interstage Application Server Plus V7.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00836-09 |
| Interstage Application Server Plus V7.0L11 | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVjs4 | T00836-09 |
| Interstage Application Server Web-J Edition V6.0L10 | RHEL-AS2.1(x86)/ ES2.1(x86) | FJSVjs4 | T00274-09 |
| Interstage Application Server Web-J Edition V6.0L11 | RHEL-AS2.1(x86)/ ES2.1(x86)/ AS3(x86)/ ES3(x86) | FJSVjs4 | T00274-09 |
| Interstage Application Server Web-J Edition V7.0L10 | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00836-09 |
| Interstage Application Server Web-J Edition V7.0L11 | RHEL-AS3(x86)/ ES3(x86)/ AS4(x86) | FJSVjs4 | T00836-09 |
| Interstage Application Server Web-J Edition 8.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000684LP-08 |
| Interstage Application Server Web-J Edition 8.0.3 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T000684LP-08 |
| Interstage Application Server Enterprise Edition V7.0L10 | RHEL-AS4(IPF) | FJSVjs4 | T001343QP-03 |
| Interstage Application Server Enterprise Edition 8.0.0 | RHEL-AS4(IPF) | FJSVjs4 | T000109QP-07 |
| Interstage Application Server Enterprise Edition 8.0.1 | RHEL-AS4(IPF) | FJSVjs4 | T000681QP-05 |
| Interstage Application Server Enterprise Edition 8.0.3 | RHEL-AS4(IPF) | FJSVjs4 | T000681QP-05 |
| Interstage Application Server Enterprise Edition V9.0.0 | RHEL-AS4(IPF) | FJSVjs5 | T001578QP-02 |
| Interstage Application Server Enterprise Edition V9.0.0 | RHEL5(IPF) | FJSVjs5 | T001579QP-02 |
| Interstage Application Server Enterprise Edition V9.0.0 | RHEL-AS4(IPF) | FJSVjs4 | T001584QP-01 |
| Interstage Application Server Enterprise Edition V9.1.0 | RHEL-AS4(IPF) | FJSVjs5 | T003521QP-01 |
| Interstage Application Server Enterprise Edition V9.1.0 | RHEL5(IPF) | FJSVjs5 | T003522QP-01 |
| Interstage Application Server Enterprise Edition V9.1.0 | RHEL-AS4(IPF) | FJSVjs4 | T003527QP-01 |
| Interstage Application Server Standard-J Edition V9.0.0 | RHEL-AS4(IPF) | FJSVjs5 | T001578QP-02 |
| Interstage Application Server Standard-J Edition V9.0.0 | RHEL5(IPF) | FJSVjs5 | T001579QP-02 |
| Interstage Application Server Standard-J Edition V9.0.0 | RHEL-AS4(IPF) | FJSVjs4 | T001584QP-01 |
| Interstage Application Server Standard-J Edition V9.1.0 | RHEL-AS4(IPF) | FJSVjs5 | T003521QP-01 |
| Interstage Application Server Standard-J Edition V9.1.0 | RHEL5(IPF) | FJSVjs5 | T003522QP-01 |
| Interstage Application Server Standard-J Edition V9.1.0 | RHEL-AS4(IPF) | FJSVjs4 | T003527QP-01 |
| 製品名 | 対象OS | パッケージ名 | Patch ID |
|---|---|---|---|
| Interstage Apworks Enterprise Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0/ Windows XP | F3FMjs4 | TK00543 |
| Interstage Apworks Enterprise Edition V6.0L10A | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0/ Windows XP | F3FMjs4 | TK00543 |
| Interstage Apworks Enterprise Edition V6.0L10B | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0/ Windows XP | F3FMjs4 | TK00543 |
| Interstage Apworks Enterprise Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows XP | F3FMjs4 | TK00544 |
| Interstage Apworks Enterprise Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server/ Windows XP | F3FMjs4 | T000685WP-06 |
| Interstage Apworks Enterprise Edition 8.1.0 | Windows Server 2003/ Windows 2000 Server/ Windows XP | F3FMjs4 | T000685WP-06 |
| Interstage Apworks Standard Edition V6.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0/ Windows XP | F3FMjs4 | TK00543 |
| Interstage Apworks Standard Edition V6.0L10A | Windows Server 2003/ Windows 2000 Server/ Windows NT Server 4.0/ Windows XP | F3FMjs4 | TK00543 |
| Interstage Apworks Standard Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows XP | F3FMjs4 | TK00544 |
| Interstage Apworks Standard-J Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server/ Windows XP | F3FMjs4 | T000686WP-06 |
| Interstage Apworks Modelers-J Edition V6.0L10 | Windows 2000 Server/ Windows XP | F3FMjs4 | TK00543 |
| Interstage Apworks Modelers-J Edition V6.0L10A | Windows 2000 Server/ Windows XP | F3FMjs4 | TK00543 |
| Interstage Apworks Modelers-J Edition V7.0L10 | Windows Server 2003/ Windows 2000 Server/ Windows XP | F3FMjs4 | TK00544 |
| Interstage Studio Enterprise Edition V9.0.0 | Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T001574WP-03 |
| Interstage Studio Enterprise Edition V9.0.0A | Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T001574WP-03 |
| Interstage Studio Enterprise Edition V9.0.1 | Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T001574WP-03 |
| Interstage Studio Enterprise Edition V9.1.0 | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T003389WP-02 |
| Interstage Studio Enterprise Edition V9.1.0B | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T003389WP-02 |
| Interstage Studio Standard-J Edition V9.0.0 | Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T001574WP-03 |
| Interstage Studio Standard-J Edition V9.0.0A | Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T001574WP-03 |
| Interstage Studio Standard-J Edition V9.0.1 | Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T001574WP-03 |
| Interstage Studio Standard-J Edition V9.1.0 | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T003389WP-02 |
| Interstage Studio Standard-J Edition V9.1.0B | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T003389WP-02 |
| Interstage Studio with UML Modeling Tool V9.0.0 | Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T001574WP-03 |
| Interstage Studio with UML Modeling Tool V9.1.0 | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T003389WP-02 |
| Interstage Studio with UML Modeling Tool V9.1.0B | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server/ Windows XP/ Windows Vista | F3FMjs5 | T003389WP-02 |
| 製品名 | 対象OS | パッケージ名 | Patch ID |
|---|---|---|---|
| Interstage Business Application Server Enterprise Edition 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
| Interstage Business Application Server Enterprise Edition 7.0.1 | Solaris 8, 9 | FJSVjs4 | T020LS-11 |
| Interstage Business Application Server Enterprise Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000572SP-12 |
| Interstage Business Application Server Enterprise Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000574SP-12(*1) |
| Interstage Business Application Server Enterprise Edition 8.0.1 | Solaris 9, 10 | FJSVjs4 | T000572SP-12 |
| Interstage Business Application Server Enterprise Edition 8.0.1 | Solaris 9, 10 | FJSVjs4 | T000574SP-12(*1) |
| Interstage Business Application Server Standard Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000572SP-12 |
| Interstage Business Application Server Standard Edition 8.0.0 | Solaris 9, 10 | FJSVjs4 | T000574SP-12(*1) |
| Interstage Business Application Server Standard Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000685WP-06 |
| Interstage Business Application Server Standard Edition 8.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
| Interstage Business Application Server Standard Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000685WP-06 |
| Interstage Business Application Server Standard Edition 8.0.1 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T000687WP-06(*1) |
| Interstage Business Application Server Standard Edition 8.0.0 | RHEL-AS4(x86) | FJSVjs4 | T000682LP-08 |
| Interstage Business Application Server Standard Edition 8.0.0 | RHEL-AS4(x86) | FJSVjs4 | T000684LP-08(*1) |
| Interstage Business Application Server Enterprise Edition 8.0.0 | RHEL-AS4(IPF) | FJSVjs4 | T000109QP-07 |
| Interstage Business Application Server Enterprise Edition 8.0.1 | RHEL-AS4(IPF) | FJSVjs4 | T000681QP-05 |
| Interstage Business Application Server Standard Edition 8.0.0 | RHEL-AS4(IPF) | FJSVjs4 | T000109QP-07 |
| Interstage Business Application Server Standard Edition 8.0.1 | RHEL-AS4(IPF) | FJSVjs4 | T000109QP-07 |
| 製品名 | 対象OS | パッケージ名 | Patch ID |
|---|---|---|---|
| Interstage Job Workload Server 8.1.1 | Solaris 10 | FJSVjs4 | T000572SP-12 |
| Interstage Job Workload Server 8.0.0 | RHEL-AS4(IPF) | FJSVjs4 | T000109QP-07 |
| Interstage Job Workload Server 8.0.1 | RHEL-AS4(IPF) | FJSVjs4 | T000109QP-07 |
| Interstage Job Workload Server 8.1.0 | RHEL-AS4(IPF) | FJSVjs4 | T000109QP-07 |
| Interstage Job Workload Server 8.1.1 | RHEL-AS4(IPF) | FJSVjs4 | T000681QP-05 |
| 製品名 | 対象OS | パッケージ名 | Patch ID |
|---|---|---|---|
| Interstage Web Server V9.0.0 | Solaris 9, 10 | FJSVjs5 | T001575SP-03 |
| Interstage Web Server V9.0.0 | Solaris 9, 10 | FJSVjs4 | T001582SP-02 |
| Interstage Web Server V9.1.0 | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
| Interstage Web Server V9.1.0 | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
| Interstage Web Server V9.1.0A | Solaris 9, 10 | FJSVjs5 | T003517SP-01 |
| Interstage Web Server V9.1.0A | Solaris 9, 10 | FJSVjs4 | T003525SP-01 |
| Interstage Web Server V9.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs5 | T001574WP-03 |
| Interstage Web Server V9.0.0 | Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T001581WP-01 |
| Interstage Web Server V9.1.0 | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server | F3FMjs5 | T003389WP-02 |
| Interstage Web Server V9.1.0 | Windows Server 2008/ Windows Server 2003/ Windows 2000 Server | F3FMjs4 | T003524WP-01 |
| Interstage Web Server V9.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T001576LP-03 |
| Interstage Web Server V9.0.0 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001577LP-03 |
| Interstage Web Server V9.0.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T001583LP-01 |
| Interstage Web Server V9.0.1 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T001284LP-03 |
| Interstage Web Server V9.0.1 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T001285LP-03 |
| Interstage Web Server V9.0.1 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T001586LP-01 |
| Interstage Web Server V9.1.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs5 | T003518LP-01 |
| Interstage Web Server V9.1.0 | RHEL5(x86)/ RHEL5(Intel64) | FJSVjs5 | T003520LP-01 |
| Interstage Web Server V9.1.0 | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | T003526LP-01 |
Patch IDの表記のみ、あるいはIDの記載のない製品に関しては、当社サポートセンターにお問い合わせください。
(*1) Web Packageをご利用の場合に適用して頂くパッチです。
参考: 該当製品の確認方法
I. 製品バージョンレベルの確認方法- V6系の場合
- Solaris版の場合
FJSVisasパッケージのパッケージ情報を確認します。
pkginfo -l FJSVisas - Windows版の場合
[ソフトウェア説明書]の表題を確認します。
[スタートボタン]
→[プログラム]
→[Interstage]
→[Application Server | Application Framework Suite | Apworks]
→[ソフトウェア説明書] - Linux版の場合
FJSVisasパッケージのパッケージ情報を確認します。
rpm -q FJSVisas
- Solaris版の場合
- V7系以降の場合
isprintvlコマンドで確認します。
isprintvl
II. 該当Webアプリケーションの確認方法
本脆弱性の影響を受けるか否かは、Webアプリケーションの設定に依存します。
ご利用のWebアプリケーションが以下の条件を満たすかを確認してください。
条件1を満たさない場合は本脆弱性の影響を受けません。
条件1のみ、あるいは条件1, 2をともに満たす場合は、お手数ですが、回避方法について当社サポート窓口までお問い合わせください。
- 条件1:
- 1) Webアプリケーションが、以下のいずれかの Servlet API、または JSP アクションを呼び出している。かつ、
- javax.servlet.ServletContext#getRequestDispatcher(path)で取得したオブジェクトの forward または include メソッド
- javax.servlet.ServletRequest#getRequestDispatcher(path)で取得したオブジェクトの forward または include メソッド
- JSP の <jsp:forward page="path"> アクション
- JSP の <jsp:include page="path"> アクション
- 2) 1) の引数 path が '?' で始まるクエリ文字列を含む。かつ、
- 3) クライアントから送信されたデータを2)のクエリ文字列に含めている。
- 1) Webアプリケーションが、以下のいずれかの Servlet API、または JSP アクションを呼び出している。かつ、
- 条件2:
Webアプリケーション内の特定のコンテンツに対してのみ、アクセス制限を行っている。
以下1)~3)のいずれかまたは複数の場合が該当します。
Webアプリケーション内の全てのコンテンツに対して等しくアクセス制限を設定している場合は該当しません。- 1) Webアプリケーションで、サーブレットの仕様に沿ってアクセス制限機能を使用している。
Webアプリケーション環境定義ファイル(deployment descriptor: web.xml)に<security-constraint>タグが記載されている場合が該当します。
【該当する例】<security-constraint>タグでHelloにのみアクセス制限
<security-constraint>
<web-resource-collection>
<web-resource-name>Hello</web-resource-name>
<url-pattern>/Hello.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Administrator</role-name>
</auth-constraint>
</security-constraint>
【該当しない例】<security-constraint>タグですべてのコンテンツにアクセス制限
<security-constraint>
<web-resource-collection>
<web-resource-name>all</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Administrator</role-name>
</auth-constraint>
</security-constraint> - 2) Webサーバで、ServletサービスのアプリケーションのURLに対するアクセス制御機能を使用している
【該当する例】WebサーバがInterstage HTTP Serverの場合の環境定義ファイル(httpd.conf)
(Hello.jspにだけアクセス制限)
<Location /j2eesample/Hello.jsp>
Order deny,allow
Deny from all
Allow from 192.168.1.1
</Location>
【該当しない例】すべてのコンテンツにアクセス制限
<Location /j2eesample>
Order deny,allow
Deny from all
Allow from 192.168.1.1
</Location> - 3) その他、以下a)またはb)のようななんらかの方法で、Webアプリケーション内の特定のコンテンツに対してのみアクセス制限を行っている。
- a) Webアプリケーション独自でアクセス制限機能を実装している
- b) Webサーバ以外のネットワーク上の何らかのハードウェアまたはソフトウェアでアクセス制限を行っている
- 1) Webアプリケーションで、サーブレットの仕様に沿ってアクセス制限機能を使用している。
3-3. 回避方法
富士通では、本件に関する回避方法を、サポート窓口を通じて該当製品のお客様にご提供いたしますので、お手数ですが、当社サポート窓口までお問い合わせください。
4. 関連情報
本問題は、以下のApache Tomcatの脆弱性に該当します。
- CVE-2008-2370/ CVE-2008-5515: Tomcat information disclosure vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515 - JVN#63832775: Apache Tomcat における情報漏えいの脆弱性
http://jvn.jp/jp/JVN63832775/index.html
5. 改版履歴
- 2010年10月27日 第2版: 「3. 該当システム・パッチ情報」にて、以下の内容を更新
- 注記(*1)を追加
- 一部製品のパッチを追加
- 下記製品を追加
- Interstage Application Server Enterprise Edition V9.0.1B
- Interstage Application Server Enterprise Edition V9.1.0B
- Interstage Application Server Standard-J Edition V9.1.0B
- Interstage Studio Enterprise Edition V9.1.0B
- Interstage Studio Standard-J Edition V9.1.0B
- Interstage Studio with UML Modeling Tool V9.1.0B
- 一部製品の対象OSを追加/ 削除
- 2009年6月9日 新規掲載
