Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2010-2227

Опубликовано: 13 июл. 2010
Источник: debian
EPSS Средний

Описание

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."

Пакеты

ПакетСтатусВерсия исправленияРелизТип
tomcat5.5removedpackage
tomcat6fixed6.0.28-1package
tomcat6not-affectedlennypackage

EPSS

Процентиль: 98%
0.64738
Средний

Связанные уязвимости

ubuntu
около 15 лет назад

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."

redhat
около 15 лет назад

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."

nvd
около 15 лет назад

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."

github
около 3 лет назад

Apache Tomcat does not properly handle an invalid Transfer-Encoding header

oracle-oval
около 15 лет назад

ELSA-2010-0580: tomcat5 security update (IMPORTANT)

EPSS

Процентиль: 98%
0.64738
Средний