Описание
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| hardy | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| upstream | released | 5.5.30 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | ignored | end of life |
| jaunty | ignored | end of life |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| upstream | released | 5.5.30 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 6.0.28-2 |
| hardy | DNE | |
| jaunty | released | 6.0.18-0ubuntu6.3 |
| karmic | released | 6.0.20-2ubuntu2.2 |
| lucid | released | 6.0.24-2ubuntu1.3 |
| maverick | released | 6.0.28-2 |
| natty | released | 6.0.28-2 |
| oneiric | released | 6.0.28-2 |
| upstream | released | 6.0.28 |
Показывать по
6.4 Medium
CVSS2
Связанные уязвимости
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 be ...
Apache Tomcat does not properly handle an invalid Transfer-Encoding header
6.4 Medium
CVSS2