The OVAL Repository5.82014-01-03T07:26:22.241-05:00VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, Workstation, Player, ESXi and ESX address several security issuesApache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.Merryl DMelloDRAFTINTERIMINTERIMVMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, Workstation, Player, ESXi and ESX address several security issuesCertain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.Merryl DMelloDRAFTINTERIMINTERIMVMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, Workstation, Player, ESXi and ESX address several security issuesApache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.Merryl DMelloDRAFTINTERIMINTERIMVMware ESX Server 4.0 is installedVMware ESX Server 4The operating system installed on the system is VMware ESX Server 4.0.Michael WoodDRAFTINTERIMACCEPTEDACCEPTEDESX400-201209401-SGESX410-201208101-SG4.0.0